{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5905", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2024-06-12T15:27:53.779Z", "datePublished": "2024-06-12T16:20:35.039Z", "dateUpdated": "2024-08-01T21:25:03.270Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Cortex XDR Agent", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "7.9.102-CE", "status": "unaffected"}], "lessThan": "7.9.102-CE", "status": "affected", "version": "7.9-CE", "versionType": "custom"}, {"changes": [{"at": "8.1.2", "status": "unaffected"}], "lessThan": "8.1.2", "status": "affected", "version": "8.1.0", "versionType": "custom"}, {"changes": [{"at": "8.2.1", "status": "unaffected"}], "lessThan": "8.2.1", "status": "affected", "version": "8.2.0", "versionType": "custom"}, {"status": "unaffected", "version": "8.3.0"}, {"status": "unaffected", "version": "8.4.0"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Palo Alto Networks thanks Manuel Feifel of VUREX (InfoGuard AG) for discovering and reporting this issue."}], "datePublic": "2024-06-12T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability.</p>"}], "value": "A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Palo Alto Networks is not aware of any malicious exploitation of this issue.</p>"}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"cvssV4_0": {"Automatable": "YES", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2, "baseSeverity": "LOW", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-346", "description": "CWE-346 Origin Validation Error", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-06-12T16:22:57.869Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2024-5905"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>This issue is fixed in Cortex XDR agent 7.9.102-CE, Cortex XDR agent 8.1.2, Cortex XDR agent 8.2.1, and all later Cortex XDR agent versions.</p>"}], "value": "This issue is fixed in Cortex XDR agent 7.9.102-CE, Cortex XDR agent 8.1.2, Cortex XDR agent 8.2.1, and all later Cortex XDR agent versions."}], "source": {"defect": ["CPATR-21727"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2024-06-12T16:00:00.000Z", "value": "Initial publication"}], "title": "Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent", "x_generator": {"engine": "vulnogram 0.1.0-rc1"}, "x_legacyV4Record": {"CNA_private": {"Priority": "normal", "STATE": "review", "TYPE": "advisory", "affectsSummary": {"affected": ["None", "None", "< 8.2.1 on Windows", "< 8.1.2 on Windows", "< 7.9.102-CE on Windows"], "appliesTo": ["Cortex XDR Agent 8.4", "Cortex XDR Agent 8.3", "Cortex XDR Agent 8.2", "Cortex XDR Agent 8.1", "Cortex XDR Agent 7.9-CE"], "product_versions": ["Cortex XDR Agent 8.4", "Cortex XDR Agent 8.3", "Cortex XDR Agent 8.2", "Cortex XDR Agent 8.1", "Cortex XDR Agent 7.9-CE"], "unaffected": ["All", "All", ">= 8.2.1 on Windows", ">= 8.1.2 on Windows", ">= 7.9.102-CE on Windows"], "unknown": ["", "", "", "", ""]}, "owner": "abaishya", "publish": {"month": "06", "year": "2024", "ym": "2024-06"}, "share_with_CVE": true, "show_cvss": true}, "CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2024-06-12T16:00:00.000Z", "ID": "CVE-2023-case-CPATR-21727", "STATE": "PUBLIC", "TITLE": "Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cortex XDR Agent", "version": {"version_data": [{"platform": "Windows", "version_affected": "<", "version_name": "7.9-CE", "version_value": "7.9.102-CE"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "7.9-CE", "version_value": "7.9.102-CE"}, {"platform": "Windows", "version_affected": "<", "version_name": "8.1", "version_value": "8.1.2"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "8.1", "version_value": "8.1.2"}, {"platform": "Windows", "version_affected": "<", "version_name": "8.2", "version_value": "8.2.1"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "8.2", "version_value": "8.2.1"}, {"version_affected": "=", "version_name": "8.3", "version_value": "None"}, {"version_affected": "!", "version_name": "8.3", "version_value": "All"}, {"version_affected": "=", "version_name": "8.4", "version_value": "None"}, {"version_affected": "!", "version_name": "8.4", "version_value": "All"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "credit": [{"lang": "eng", "value": "Palo Alto Networks thanks Manuel Feifel of VUREX (InfoGuard AG) for discovering and reporting this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability."}]}, "exploit": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "generator": {"engine": "vulnogram 0.1.0-rc1"}, "impact": {"cvss": {"Automatable": "YES", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2, "baseSeverity": "LOW", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "MODERATE"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-346 Origin Validation Error"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "url": "https://security.paloaltonetworks.com/CVE-2023-case-CPATR-21727"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in Cortex XDR agent 7.9.102-CE, Cortex XDR agent 8.1.2, Cortex XDR agent 8.2.1, and all later Cortex XDR agent versions."}], "source": {"defect": ["CPATR-21727"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2024-06-12T00:00:00", "value": "Initial publication"}], "x_advisoryEoL": false}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-12T17:58:42.722169Z", "id": "CVE-2024-5905", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T17:58:51.232Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:25:03.270Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://security.paloaltonetworks.com/CVE-2024-5905"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-5905", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:25:03.270Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5905", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-12T17:58:42.722169Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T17:58:47.873Z"}}], "cna": {"title": "Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent", "source": {"defect": ["CPATR-21727"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Palo Alto Networks thanks Manuel Feifel of VUREX (InfoGuard AG) for discovering and reporting this issue."}], "impacts": [{"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 2, "Automatable": "YES", "attackVector": "LOCAL", "baseSeverity": "LOW", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "Cortex XDR Agent", "versions": [{"status": "affected", "changes": [{"at": "7.9.102-CE", "status": "unaffected"}], "version": "7.9-CE", "lessThan": "7.9.102-CE", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "8.1.2", "status": "unaffected"}], "version": "8.1.0", "lessThan": "8.1.2", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "8.2.1", "status": "unaffected"}], "version": "8.2.0", "lessThan": "8.2.1", "versionType": "custom"}, {"status": "unaffected", "version": "8.3.0"}, {"status": "unaffected", "version": "8.4.0"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [{"type": "text/html", "value": "<p>Palo Alto Networks is not aware of any malicious exploitation of this issue.</p>", "base64": false}]}], "timeline": [{"lang": "en", "time": "2024-06-12T16:00:00.000Z", "value": "Initial publication"}], "solutions": [{"lang": "en", "value": "This issue is fixed in Cortex XDR agent 7.9.102-CE, Cortex XDR agent 8.1.2, Cortex XDR agent 8.2.1, and all later Cortex XDR agent versions.", "supportingMedia": [{"type": "text/html", "value": "<p>This issue is fixed in Cortex XDR agent 7.9.102-CE, Cortex XDR agent 8.1.2, Cortex XDR agent 8.2.1, and all later Cortex XDR agent versions.</p>", "base64": false}]}], "datePublic": "2024-06-12T07:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-5905", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "vulnogram 0.1.0-rc1"}, "descriptions": [{"lang": "en", "value": "A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "<p>A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-346", "description": "CWE-346 Origin Validation Error"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-06-12T16:22:57.869Z"}, "x_legacyV4Record": {"credit": [{"lang": "eng", "value": "Palo Alto Networks thanks Manuel Feifel of VUREX (InfoGuard AG) for discovering and reporting this issue."}], "impact": {"cvss": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 2, "Automatable": "YES", "attackVector": "LOCAL", "baseSeverity": "LOW", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}}, "source": {"defect": ["CPATR-21727"], "discovery": "EXTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"platform": "Windows", "version_name": "7.9-CE", "version_value": "7.9.102-CE", "version_affected": "<"}, {"platform": "Windows", "version_name": "7.9-CE", "version_value": "7.9.102-CE", "version_affected": "!>="}, {"platform": "Windows", "version_name": "8.1", "version_value": "8.1.2", "version_affected": "<"}, {"platform": "Windows", "version_name": "8.1", "version_value": "8.1.2", "version_affected": "!>="}, {"platform": "Windows", "version_name": "8.2", "version_value": "8.2.1", "version_affected": "<"}, {"platform": "Windows", "version_name": "8.2", "version_value": "8.2.1", "version_affected": "!>="}, {"version_name": "8.3", "version_value": "None", "version_affected": "="}, {"version_name": "8.3", "version_value": "All", "version_affected": "!"}, {"version_name": "8.4", "version_value": "None", "version_affected": "="}, {"version_name": "8.4", "version_value": "All", "version_affected": "!"}]}, "product_name": "Cortex XDR Agent"}]}, "vendor_name": "Palo Alto Networks"}]}}, "exploit": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "solution": [{"lang": "en", "value": "This issue is fixed in Cortex XDR agent 7.9.102-CE, Cortex XDR agent 8.1.2, Cortex XDR agent 8.2.1, and all later Cortex XDR agent versions."}], "timeline": [{"lang": "en", "time": "2024-06-12T00:00:00", "value": "Initial publication"}], "data_type": "CVE", "generator": {"engine": "vulnogram 0.1.0-rc1"}, "references": {"reference_data": [{"url": "https://security.paloaltonetworks.com/CVE-2023-case-CPATR-21727", "refsource": "CONFIRM"}]}, "CNA_private": {"TYPE": "advisory", "STATE": "review", "owner": "abaishya", "publish": {"ym": "2024-06", "year": "2024", "month": "06"}, "Priority": "normal", "show_cvss": true, "affectsSummary": {"unknown": ["", "", "", "", ""], "affected": ["None", "None", "< 8.2.1 on Windows", "< 8.1.2 on Windows", "< 7.9.102-CE on Windows"], "appliesTo": ["Cortex XDR Agent 8.4", "Cortex XDR Agent 8.3", "Cortex XDR Agent 8.2", "Cortex XDR Agent 8.1", "Cortex XDR Agent 7.9-CE"], "unaffected": ["All", "All", ">= 8.2.1 on Windows", ">= 8.1.2 on Windows", ">= 7.9.102-CE on Windows"], "product_versions": ["Cortex XDR Agent 8.4", "Cortex XDR Agent 8.3", "Cortex XDR Agent 8.2", "Cortex XDR Agent 8.1", "Cortex XDR Agent 7.9-CE"]}, "share_with_CVE": true}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-346 Origin Validation Error"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-case-CPATR-21727", "STATE": "PUBLIC", "TITLE": "Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent", "ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2024-06-12T16:00:00.000Z"}, "x_advisoryEoL": false}}}, "cveMetadata": {"cveId": "CVE-2024-5905", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:25:03.270Z", "dateReserved": "2024-06-12T15:27:53.779Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2024-06-12T16:20:35.039Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:content_update:*:*:*", "matchCriteriaId": "09772885-7300-4BB8-8E6B-D4CE4474D479", "versionEndExcluding": "7.9.102", "versionStartIncluding": "7.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "D085EDE6-405B-4AC0-9C86-0104B6FA3AE0", "versionEndExcluding": "8.1.2", "versionStartIncluding": "8.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BB9F55A-17D4-47B4-AFCE-EE2AB1B67FF5", "versionEndExcluding": "8.2.1", "versionStartIncluding": "8.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability."}, {"lang": "es", "value": "Un problema con un mecanismo de protecci\u00f3n en el agente Cortex XDR de Palo Alto Networks en dispositivos Windows permite que un usuario local de Windows con pocos privilegios interrumpa algunas funciones del agente. Sin embargo, no pueden interrumpir los mecanismos de protecci\u00f3n del agente Cortex XDR utilizando esta vulnerabilidad."}], "id": "CVE-2024-5905", "lastModified": "2024-11-21T09:48:33.170", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "automatable": "YES", "availabilityRequirements": "NOT_DEFINED", "baseScore": 2.0, "baseSeverity": "LOW", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "recovery": "USER", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnerabilityResponseEffort": "MODERATE", "vulnerableSystemAvailability": "LOW", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "LOW"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2024-06-12T17:15:52.847", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2024-5905"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2024-5905"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-346"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}