ГлавнаяУязвимости → CVE-2024-9474
7.2высокая

CVE-2024-9474

→ есть в БДУ: BDU:2024-09891 (на русском)
Описание (на английском; русское — в БДУ выше)

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Затрагиваемое ПО
Paloaltonetworks Pan-os
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://security.paloaltonetworks.com/CVE-2024-9474https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/https://github.com/k4nfr3/CVE-2024-9474https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9474