Back

CVE-2024-8688

Sept. 11, 2024, 5:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Palo Alto Networks PAN-OS

Source

psirt@paloaltonetworks.com

Tags

psirt@paloaltonetworks.com
2024-09-11
CVE-2024-8688
CWE-155

CVE-2024-8688 details

Published : Sept. 11, 2024, 5:15 p.m.
Last Modified : Sept. 11, 2024, 5:15 p.m.

Description

An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description
CWE-155 Improper Neutralization of Wildcards or Matching Symbols The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as wildcards or matching symbols when they are sent to a downstream component.

References

URL Source
https://security.paloaltonetworks.com/CVE-2024-8688 psirt@paloaltonetworks.com
This website uses the NVD API, but is not approved or certified by it.