CVE-2024-2433
CVSS V2 None
CVSS V3 None
Description
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images.
This issue affects only the web interface of the management plane; the dataplane is unaffected.
Overview
- CVE ID
- CVE-2024-2433
- Assigner
- palo_alto
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-03-13T17:51:45.578Z
- Last Modified Date
- 2024-03-13T17:51:45.578Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-2433 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-2433 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2433 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 23:10:17 | Added to TrackCVE |