CVE-2024-0009

Summary

An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPAN-OS9.0unaffected
Palo Alto NetworksPAN-OS9.1unaffected
Palo Alto NetworksPAN-OS10.1unaffected
Palo Alto NetworksPAN-OS10.2 < 10.2.4affected
Palo Alto NetworksPAN-OS11.0 < 11.0.1affected
Palo Alto NetworksPAN-OS11.1unaffected
Palo Alto NetworksPrisma AccessAllunaffected
Palo Alto NetworksCloud NGFWAllunaffected

Weaknesses

  • CWE-940: CWE-940 Improper Verification of Source of a Communication Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References