CVE-2024-0007

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: Feb 14, 2024 / Updated: 9mo ago

CVSS 6.8 / EPSS 0.04% / Medium

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface on Panorama appliances. This enables the impersonation of another authenticated administrator.

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-0007

Feb 14, 2024 at 10:15 AM
First Article

Feedly found the first article mentioning CVE-2024-0007.

Feb 14, 2024 at 6:20 PM / VulDB Recent Entries
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Feb 14, 2024 at 6:20 PM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (190584)

Feb 15, 2024 at 2:15 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 6.7%)

Feb 15, 2024 at 2:33 PM

Affected Systems

Paloaltonetworks/pan-os

Attack Patterns

CAPEC-209: XSS Using MIME Type Mismatch

News

XSS: TryHackMe Walkthrough & more
Hello fellows, I recently discovered this well-written TryHackMe Walkthrough. In my opinion, it is easily understandable by anyone, especially by beginners. 😸 It lists the definition of this attack, types of XSS and has some nice exercises. I won't get into details, because you'll find out more in the page(s). 💥 Here is another great resource where you can find out more. Here are details about a ~2 months old attack, CVE-2024-0007, on Palo Alto Networks. So, what do you say? Will you apply sufficient validation and sanitization on the input, and will you encode the characters? 😉
[no-title]
10 N CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect none none none none All >= 11.1.2-h3 (See additional hotfixes in Solution section) >= 11.0.4-h1 (See additional hotfixes in Solution section) >= 10.2.9-h1 (See additional hotfixes in Solution section) All All all 2024-04-12 2024-04-15
8.3 N CVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE) none none none none All All >= 11.0.3 >= 10.2.5 >= 10.1.11 All all 2024-04-10 2024-04-10
8.2 N CVE-2024-3385 PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 Prisma Access none none none All All >= 11.0.3 >= 10.2.8 >= 10.1.12 >= 9.1.17 >= 9.0.17-h4 All 2024-04-10 2024-04-10
8.2 CVE-2024-3382 PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets none none none none All >= 11.1.2 >= 11.0.4 >= 10.2.7-h3 All All all 2024-04-10 2024-04-10
8.2 N CVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets none none none none All All All >= 10.0.12 >= 9.1.15-h1 >= 9.0.17 >= 8.1.24 all 2024-04-10 2024-04-10
6.9 N CVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 Prisma Access none none none All All >= 11.0.1-h2, >= 11.0.2 >= 10.2.4-h2, >= 10.2.5 >= 10.1.9-h3, >= 10.1.10 >= 10.0.13 >= 9.1.17 >= 9.0.17-h2 All 2024-04-10 2024-04-10
6 CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure none none none none All All >= 11.0.4 on Panorama >= 10.2.7-h3 on Panorama, >= 10.2.8 on Panorama >= 10.1.12 on Panorama All all 2024-04-10 2024-04-10
5.1 CVE-2024-3388 PAN-OS: User Impersonation in GlobalProtect SSL VPN Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access none none All All >= 11.0.3 >= 10.2.7-h3 >= 10.1.11-h4 >= 9.1.17 >= 9.0.17-h4 >= 8.1.26 >= 10.2.4 2024-04-10 2024-04-10
i PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS Versions prior to those listed above 2024-04-10
i PAN-SA-2024-0003 Informational Bulletin:
Rewterz Threat Advisory – Multiple Palo Alto Networks PAN-OS Vulnerabilities
Palo Alto Networks PAN-OS is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the GlobalProtect portal feature. Palo Alto Networks PAN-OS is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web interface on Panorama appliances.
PAN-OS: CVSS (Max): 6.3
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2024.1183
CVE-2024-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
26 February 2024
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: PAN-OS
Publisher: Palo Alto Networks
Operating System: Network Appliance
Resolution: Patch/Upgrade
CVE Names: CVE-2024-0007
Original Bulletin: https://securityadvisories.paloaltonetworks.com/CVE-2024-0007
Comment: CVSS (Max): 6.3 CVE-2024-0007 (CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/AU:N/R:U/V:D/RE:M/U:Amber) CVSS Source:
PAN-OS: CVSS (Max): 6.3
The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: Required
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
