CVE-2024-2431

Summary

An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksGlobalProtect App6.0 < 6.0.4affected
Palo Alto NetworksGlobalProtect App5.1 < 5.1.12affected
Palo Alto NetworksGlobalProtect App5.2 < 5.2.13affected
Palo Alto NetworksGlobalProtect App6.1 < 6.1.1affected
Palo Alto NetworksGlobalProtect App6.2unaffected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

Workarounds

You can mitigate this issue by setting "Allow User to Disable GlobalProtect App" to "Disallow" or "Allow with Ticket."

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References