Main Vulnerability Database Vulnerabilities #VU86541

#VU86541 Insufficient Session Expiration in Palo Alto PAN-OS - CVE-2024-0008

Published: February 15, 2024

Vulnerability identifier: #VU86541

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-0008

CWE-ID: CWE-613

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Palo Alto PAN-OS

Software vendor:
Palo Alto Networks, Inc.

Description

The vulnerability allows a local attacker to gain access to sensitive information.

The vulnerability exists due to insufficient session expiration issue in the management interface. An attacker with physical access can obtain or guess session token and gain unauthorized access to session that belongs to another user.

Remediation

Install updates from vendor's website.

External links

https://security.paloaltonetworks.com/CVE-2024-0008

#VU86541 Insufficient Session Expiration in Palo Alto PAN-OS - CVE-2024-0008

Description

Remediation

External links

Please verify you're human