Main Vulnerability Database Vulnerabilities #VU87515

#VU87515 Improper Privilege Management in Palo Alto PAN-OS - CVE-2024-2433

Published: March 14, 2024

Vulnerability identifier: #VU87515

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-2433

CWE-ID: CWE-269

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Palo Alto PAN-OS

Software vendor:
Palo Alto Networks, Inc.

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper privilege management within the web interface. A remote authenticated read-only administrator can upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images.

Remediation

Install updates from vendor's website.

External links

https://security.paloaltonetworks.com/CVE-2024-2433

#VU87515 Improper Privilege Management in Palo Alto PAN-OS - CVE-2024-2433

Description

Remediation

External links

Please verify you're human