CVE-2024-9474

HighKnown ExploitedRansomware

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web…

palo_alto·CWE-78·Published 2024-11-18

CVSS

7.2

EPSS

0.95

KEV

Yes

Exploits

cve.orgen

275 chars

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

NVDen

275 chars

NVDes

312 chars

Una vulnerabilidad de escalada de privilegios en el software PAN-OS de Palo Alto Networks permite que un administrador de PAN-OS con acceso a la interfaz web de administración realice acciones en el firewall con privilegios de superusuario. Cloud NGFW y Prisma Access no se ven afectados por esta vulnerabilidad.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.0	Primary	cve.org	5.9	—	—	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red
4.0	Secondary	NVD	6.9	—	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Red