CVE-2024-8691
CVSS V2 None
CVSS V3 None
Description
A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker.
Overview
- CVE ID
- CVE-2024-8691
- Assigner
- palo_alto
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-11T16:43:30.608Z
- Last Modified Date
- 2024-09-11T18:19:46.897Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-8691 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-8691 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8691 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-09-12 13:05:00 | Added to TrackCVE |