PT-2024-39178 · Palo Alto Networks · PAN-OS

Claudiu Pancotan · Published 2024-09-11 · Updated 2024-11-01 · CVE-2024-8691

CVSS v3.1: 7.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS software (affected versions not specified)
Description: A vulnerability in the GlobalProtect portal enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Incorrect Authorization

Related Identifiers: BDU:2025-02027, CVE-2024-8691

Affected Products: PAN-OS