PT-2024-39177 · Palo Alto Networks · Pan-Os
Claudiu Pancotan
·
Published
2024-09-11
·
Updated
2024-11-21
·
CVE-2024-8687
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Palo Alto Networks PAN-OS (affected versions not specified)
Description:
An information exposure issue exists in the software, allowing a GlobalProtect end user to obtain the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. With this information, end users can uninstall, disable, or disconnect GlobalProtect, even if the app configuration would not normally permit such actions.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pan-Os