Palo.Alto.Networks.Management.Interface.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Palo Alto Networks PAN-OS Management Web Interface.
The vulnerability is due to a lack of proper validation of user-supplied data. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation could allow an attacker to log in as an authenticated user.
Outbreak Alert
Palo Alto Networks has recently disclosed two zero-day vulnerabilities, CVE-2024-0012 and CVE-2024-9474, affecting the PAN-OS firewall and other products. Both flaws, which are being actively exploited in the wild, affect the Management Web Interface. Successful exploitation allows attackers to bypass authentication and gain administrator-level access without any user interaction.
Affected Products
PAN-OS 11.2 prior to 11.2.4-h1
PAN-OS 11.1 prior to 11.1.5-h1
PAN-OS 11.0 prior to 11.0.6-h1
PAN-OS 10.2 prior to 10.2.12-h2
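To triage an inventory against the list above, the following added example (not Fortinet or Palo Alto Networks code) compares PAN-OS version strings with the first fixed release of each listed train. It assumes versions are written as `major.minor.maintenance` with an optional `-hN` hotfix suffix; the hostnames and inventory are constructed.

```python
import re

# First fixed build per release train, copied from the "Affected Products"
# list on this page: train (major, minor) -> (maintenance, hotfix).
FIRST_FIXED = {
    (11, 2): (4, 1),   # 11.2.4-h1
    (11, 1): (5, 1),   # 11.1.5-h1
    (11, 0): (6, 1),   # 11.0.6-h1
    (10, 2): (12, 2),  # 10.2.12-h2
}

# Assumed version format: major.minor.maintenance[-hN]
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_panos_version(text):
    """Split a version string into (train, build) tuples of integers."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    major, minor, maint = (int(m.group(i)) for i in (1, 2, 3))
    hotfix = int(m.group(4) or 0)  # no suffix means hotfix level 0
    return (major, minor), (maint, hotfix)


def is_affected(text):
    """True or False for a listed train; None if the train is not listed here."""
    train, build = parse_panos_version(text)
    fixed = FIRST_FIXED.get(train)
    if fixed is None:
        return None  # this page makes no statement about the train
    return build < fixed  # tuple compare: maintenance first, then hotfix


def triage(inventory):
    """Map each host to its is_affected() result."""
    return {host: is_affected(version) for host, version in inventory.items()}


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = {
    "fw-edge-01": "11.1.5",      # base release, below the -h1 fix
    "fw-edge-02": "11.1.5-h1",
    "fw-dc-01": "10.2.12-h1",
    "fw-lab-01": "10.1.14",      # train not listed on this page
}

if __name__ == "__main__":
    for host, result in triage(SAMPLE_INVENTORY).items():
        print(host, {True: "AFFECTED", False: "fixed", None: "not listed"}[result])
```

A `None` result means the train is absent from this page's list, not that it is safe; check the vendor advisory for those releases.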
Impact
Security Bypass: Remote attackers can bypass security features of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://security.paloaltonetworks.com/CVE-2024-0012
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2024-12-11 | 1.00059 | New | |