Improper privilege management in Palo Alto PAN-OS - CVE-2024-9471
Published: October 10, 2024
Palo Alto PAN-OS
Detailed vulnerability description
The vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to improper privilege management in the XML API. A remote authenticated PAN-OS administrator with restricted privileges can use a compromised XML API key to perform actions as a higher-privileged PAN-OS administrator, beyond what the XML API permits.