CVE-2024-5916

Summary

An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPAN-OS9.1unaffected
Palo Alto NetworksPAN-OS10.1unaffected
Palo Alto NetworksPAN-OS10.2 < 10.2.8affected
Palo Alto NetworksPAN-OS11.0 < 11.0.4affected
Palo Alto NetworksPAN-OS11.1unaffected
Palo Alto NetworksCloud NGFWBefore 8/15affected
Palo Alto NetworksCloud NGFWOn or after 8/15unaffected
Palo Alto NetworksCloud NGFWBefore 8/23affected
Palo Alto NetworksCloud NGFWOn or after 8/23unaffected
Palo Alto NetworksPrisma AccessAllunaffected

Weaknesses

  • CWE-313: CWE-313: Cleartext Storage in a File or on Disk

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References