A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.
History

Thu, 14 Nov 2024 09:45:00 +0000

Type Values Removed Values Added
Description A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.
Title PAN-OS: Server-Side Request Forgery in WildFire
Weaknesses CWE-918
References
Metrics cvssV4_0

{'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber'}


cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2024-11-14T09:39:40.266Z

Updated: 2024-11-14T19:35:37.894Z

Reserved: 2024-06-12T15:27:57.001Z

Link: CVE-2024-5917

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-14T10:15:08.607

Modified: 2024-11-15T13:58:08.913

Link: CVE-2024-5917

cve-icon Redhat

No data.