Palo Alto Networks released security updates to address\u00a0five security flaws\u00a0impacting its products, the most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an admin account takeover.<\/p>\n\n\n\n
Palo Alto Networks Expedition is a tool designed to help users transition to and optimize Palo Alto Networks’ next-generation firewalls. It assists with the migration of configurations from other firewall vendors and legacy Palo Alto Networks devices to newer models. Additionally, Expedition provides automation and best practice adoption to improve security posture and operational efficiency.
“Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.” reads the advisory<\/a>. “Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.”<\/em><\/p>\n\n\n\n
Palo Alto also addressed a File Upload Vulnerability, tracked as CVE-2024-5911<\/a> (CVSS score: 7.0), in the Panorama Web Interface of PAN-OS<\/a>.<\/p>\n\n\n\n
“An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama.” reads the advisory<\/a>. “Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.”<\/em><\/p>\n\n\n\n
The remaining issues addressed by the security vendor are:<\/p>\n\n\n\n
| 6.8<\/strong><\/td> | CVE-2024-5912 Cortex XDR Agent: Improper File Signature Verification Checks<\/a><\/td> | Cortex XDR Agent 8.4Cortex XDR Agent 8.3-CECortex XDR Agent 8.3Cortex XDR Agent 8.2Cortex XDR Agent 7.9-CE<\/td> | NoneNoneNone< 8.2.2< 7.9.102-CE<\/td> | AllAllAll>= 8.2.2>= 7.9.102-CE<\/td> | 2024-07-10<\/td> | 2024-07-10<\/td><\/tr> |
| 5.4<\/strong><\/td> | CVE-2024-5913 PAN-OS: Improper Input Validation Vulnerability in PAN-OS<\/a><\/td> | Cloud NGFWPAN-OS 11.2PAN-OS 11.1PAN-OS 11.0PAN-OS 10.2PAN-OS 10.1Prisma Access<\/td> | None< 11.2.1< 11.1.4< 11.0.5< 10.2.10< 10.1.14-h2None<\/td> | All>= 11.2.1>= 11.1.4>= 11.0.5>= 10.2.10>= 10.1.14-h2All<\/td> | 2024-07-10<\/td> | 2024-07-10<\/td><\/tr> |
| 5.3<\/strong><\/td> | CVE-2024-3596 PAN-OS: CHAP and PAP When Used with RADIUS Authentication Lead to Privilege Escalation<\/a><\/td> | Cloud NGFWPAN-OS 11.2PAN-OS 11.1PAN-OS 11.0PAN-OS 10.2PAN-OS 10.1PAN-OS 9.1Prisma Access<\/td> | NoneNone< 11.1.3< 11.0.4-h4< 10.2.10< 10.1.14< 9.1.19All<\/td> | AllAll>= 11.1.3>= 11.0.4-h4>= 10.2.10>= 10.1.14>= 9.1.19None (Fix ETA: July 30)<\/td> | 2024-07-10<\/td> | 2024-07-10<\/td><\/tr><\/tbody><\/table> Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n (<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, Palo Alto )<\/strong> |