CVE-2024-5918 — Improper Certificate Validation in Palo Alto Networks Pan-os

CWE-295 — Improper Certificate Validation4 documents4 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 63.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloaltonetworks Pan-os Paloalto Cloud Ngfw +2 more

Timeline

PublishedNov 14

Description

An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you "Allow Authentication with User Credentials OR Client Certificate."

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L

Affected Packages5 packages

▶NVDpaloaltonetworks/pan-os10.1.0 — 10.1.11+3

▶CVEListV5palo_alto_networks/pan-os11.0.0 — 11.0.3+2

▶Palo Altopaloalto/pan-os

▶Palo Altopaloalto/cloud_ngfw

▶Palo Altopaloalto/prisma_access

🔴Vulnerability Details

CVEList

PAN-OS: Improper Certificate Validation Enables Impersonation of a Legitimate GlobalProtect User↗2024-11-14

▶

GHSA

GHSA-xvx4-v362-295f: An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client cert↗2024-11-14

▶

📋Vendor Advisories

Palo Alto

PAN-OS: Improper Certificate Validation Enables Impersonation of a Legitimate GlobalProtect User↗

▶