CVE-2024-8687

MEDIUM EPSS 32.4%
Published Sep 11, 20241y ago · Modified Jun 17, 20261w ago
6.9 CVSS 4.0
Medium
Find Similar
Published Sep 11, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.

CVSS Details

Base Score
6.9
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
32.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-497

Affected Products 14

VendorProductVersionRange
paloaltonetworkspan-os*≥8.1.0  –  <8.1.25
paloaltonetworkspan-os*≥9.0.0  –  <9.0.17
paloaltonetworkspan-os*≥9.1.0  –  <9.1.16
paloaltonetworkspan-os*≥10.0.0  –  <10.0.12
paloaltonetworkspan-os*≥10.1.0  –  <10.1.9
paloaltonetworkspan-os*≥10.2.0  –  <10.2.4
paloaltonetworkspan-os11.0.0any
paloaltonetworksglobalprotect*≥5.1.0  –  <5.1.12
paloaltonetworksglobalprotect*≥5.2.0  –  <5.2.13
paloaltonetworksglobalprotect*≥6.0.0  –  <6.0.7
paloaltonetworksglobalprotect*≥6.1.0  –  <6.1.2
paloaltonetworksglobalprotect6.2.0any
paloaltonetworksprisma_access*any
paloaltonetworkspan-os* <10.2.9

References 1

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.