CVE-2024-5911

July 10, 2024, 7:15 p.m.

None
No Score

Description

An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.

Product(s) Impacted

Product Versions
Palo Alto Networks Panorama software

Weaknesses

CWE-434
Unrestricted Upload of File with Dangerous Type
The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

References

https://security.paloaltonetworks.com/CVE-2024-5911

Tags

CWE-434
psirt@paloaltonetworks.com
2024-07-10
CVE-2024-5911

Date

  • Published: July 10, 2024, 7:15 p.m.
  • Last Modified: July 10, 2024, 7:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

psirt@paloaltonetworks.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.