CVE-2024-8691 MEDIUM

CVE-2024-8691: PAN-OS: User Impersonation in GlobalProtect Portal

Vendor Palo Alto Networks

Product PAN-OS

Weakness CWE-863 · Incorrect authorization

Published September 11, 2024

Last update September 11, 2024

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/AU:Y/R:A/V:D/RE:M/U:Amber

What the vulnerability does

01Description

A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker.

Key dates

02Disclosure timeline

September 11, 2024 CVE published

September 11, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-8691

Related vulnerabilities

Identifiers

CVE CVE-2024-8691

CWE CWE-863

CVSS 5.3 / MEDIUM

Affected versions

Vendor Palo Alto Networks

Product PAN-OS

Affected ≥ 9.1.0 and < 9.1.17

Vendor Palo Alto Networks

Product PAN-OS

Affected ≥ 10.1.0 and < 10.1.11

CVE-2024-8691: PAN-OS: User Impersonation in GlobalProtect Portal

01Description

02Disclosure timeline

03References

04Related CVE