Vulnerability-Lookup

CVE-2024-8689 (GCVE-0-2024-8689)

Vulnerability from cvelistv5 – Published: 2024-09-11 16:42 – Updated: 2024-09-11 18:24

Title

ActiveMQ Content Pack: Cleartext Exposure of Credentials

Summary

A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.

Severity ?

6 (Medium)


                        
                          CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber

CWE

CWE-312 - Cleartext Storage of Sensitive Information

Assigner

palo_alto

References

URL

Tags

https://security.paloaltonetworks.com/CVE-2024-8689

Impacted products

	Vendor	Product	Version
	Palo Alto Networks	ActiveMQ Content Pack	Affected: 1.1.0 , < 1.1.15 (custom)

Credits

Marcel Maeder of Swisscom (Schweiz) AG

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8689",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-11T18:23:33.866342Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T18:24:17.891Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ActiveMQ Content Pack",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "1.1.15",
              "status": "affected",
              "version": "1.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Marcel Maeder of Swisscom (Schweiz) AG"
        }
      ],
      "datePublic": "2024-09-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles."
            }
          ],
          "value": "A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-11T16:42:16.113Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-8689"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in ActiveMQ Content Pack 1.1.15 and all later versions. You can download the content pack from \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/\"\u003ehttps://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eYou should use new ActiveMQ credentials for ActiveMQ integration only after you upgrade it to a fixed version. You should also revoke the previously existing credentials to prevent the misuse of exposed credentials.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in ActiveMQ Content Pack 1.1.15 and all later versions. You can download the content pack from  https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/ .\n\nYou should use new ActiveMQ credentials for ActiveMQ integration only after you upgrade it to a fixed version. You should also revoke the previously existing credentials to prevent the misuse of exposed credentials."
        }
      ],
      "source": {
        "defect": [
          "CRTX-105751"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-11T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "ActiveMQ Content Pack: Cleartext Exposure of Credentials",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-8689",
    "datePublished": "2024-09-11T16:42:16.113Z",
    "dateReserved": "2024-09-11T08:21:14.668Z",
    "dateUpdated": "2024-09-11T18:24:17.891Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-8689\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-11T18:23:33.866342Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T18:24:14.316Z\"}}], \"cna\": {\"title\": \"ActiveMQ Content Pack: Cleartext Exposure of Credentials\", \"source\": {\"defect\": [\"CRTX-105751\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Marcel Maeder of Swisscom (Schweiz) AG\"}], \"impacts\": [{\"capecId\": \"CAPEC-37\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-37 Retrieve Embedded Sensitive Data\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"AUTOMATIC\", \"baseScore\": 6, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"PASSIVE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Palo Alto Networks\", \"product\": \"ActiveMQ Content Pack\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"1.1.15\", \"status\": \"unaffected\"}], \"version\": \"1.1.0\", \"lessThan\": \"1.1.15\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-09-11T16:00:00.000Z\", \"value\": \"Initial publication\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"This issue is fixed in ActiveMQ Content Pack 1.1.15 and all later versions. You can download the content pack from  https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/ .\\n\\nYou should use new ActiveMQ credentials for ActiveMQ integration only after you upgrade it to a fixed version. You should also revoke the previously existing credentials to prevent the misuse of exposed credentials.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue is fixed in ActiveMQ Content Pack 1.1.15 and all later versions. You can download the content pack from \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/\\\"\u003ehttps://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eYou should use new ActiveMQ credentials for ActiveMQ integration only after you upgrade it to a fixed version. You should also revoke the previously existing credentials to prevent the misuse of exposed credentials.\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2024-09-11T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2024-8689\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-312\", \"description\": \"CWE-312 Cleartext Storage of Sensitive Information\"}]}], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2024-09-11T16:42:16.113Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-8689\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-11T18:24:17.891Z\", \"dateReserved\": \"2024-09-11T08:21:14.668Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2024-09-11T16:42:16.113Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2024-8689

Vulnerability from fkie_nvd - Published: 2024-09-11 17:15 - Updated: 2024-09-12 12:35

Severity ?

6.0 (Medium) - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber

Summary

A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.

References

	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2024-8689

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles."
    },
    {
      "lang": "es",
      "value": "Un problema con la integraci\u00f3n de ActiveMQ tanto para Cortex XSOAR como para Cortex XSIAM puede provocar la exposici\u00f3n de texto plano de las credenciales de ActiveMQ configuradas en paquetes de registros."
    }
  ],
  "id": "CVE-2024-8689",
  "lastModified": "2024-09-12T12:35:54.013",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "AUTOMATIC",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "HIGH",
          "attackRequirements": "PRESENT",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "AMBER",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "PASSIVE",
          "valueDensity": "DIFFUSE",
          "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-11T17:15:14.380",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "url": "https://security.paloaltonetworks.com/CVE-2024-8689"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    }
  ]
}

CVE-2024-8689

Vulnerability from fstec - Published: 11.09.2024

Title

Уязвимость брокера сообщений ActiveMQ платформ безопасности Cortex XSOAR и Cortex XSIAM, связанная с хранением защищаемой информации в незашифрованном виде, позволяющая нарушителю раскрыть защищаемую информацию

Description

Уязвимость брокера сообщений ActiveMQ платформ безопасности Cortex XSOAR и Cortex XSIAM связана с хранением защищаемой информации в незашифрованном виде. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, раскрыть защищаемую информацию

Severity ?


                    
                      AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Vendor

Palo Alto Networks Inc.

Software Name

ActiveMQ

Software Version

до 1.1.15 (ActiveMQ)

Possible Mitigations

Использование рекомендаций: https://security.paloaltonetworks.com/CVE-2024-8689

Reference

https://security.paloaltonetworks.com/CVE-2024-8689 https://vuldb.com/?id.277242 https://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/

CWE

CWE-310, CWE-312

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
  "CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Palo Alto Networks Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 1.1.15 (ActiveMQ)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://security.paloaltonetworks.com/CVE-2024-8689",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.11.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.11.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-09285",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-8689",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "ActiveMQ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0440\u043e\u043a\u0435\u0440\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 ActiveMQ \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Cortex XSOAR \u0438 Cortex XSIAM, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u043d\u0435\u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0432\u0438\u0434\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0438 (CWE-310), \u041d\u0435\u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CWE-312)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0440\u043e\u043a\u0435\u0440\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 ActiveMQ \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Cortex XSOAR \u0438 Cortex XSIAM \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u043d\u0435\u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0432\u0438\u0434\u0435. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u0414\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u0440\u043e\u043a\u0435\u0440 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 ActiveMQ, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Cortex XSOAR \u0438 Cortex XSIAM.",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://security.paloaltonetworks.com/CVE-2024-8689\nhttps://vuldb.com/?id.277242\nhttps://cortex.marketplace.pan.dev/marketplace/details/ActiveMQ/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-310, CWE-312",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,4)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,9)"
}

GHSA-46Q2-6XFQ-6Q9P

Vulnerability from github – Published: 2024-09-11 18:31 – Updated: 2024-09-11 18:31

Details

A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.

Severity ?

6.0 (Medium)


                  
                    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-8689"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-11T17:15:14Z",
    "severity": "MODERATE"
  },
  "details": "A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.",
  "id": "GHSA-46q2-6xfq-6q9p",
  "modified": "2024-09-11T18:31:08Z",
  "published": "2024-09-11T18:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8689"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2024-8689"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

CERTFR-2024-AVI-0770

Vulnerability from certfr_avis - Published: 2024-09-12 - Updated: 2024-09-12

De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Palo Alto Networks	PAN-OS	PAN-OS versions 10.0.x antérieures à 10.0.12
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 5.1.x antérieures à 5.1.12
Palo Alto Networks	PAN-OS	PAN-OS versions 11.0.x antérieures à 11.0.1
Palo Alto Networks	Prisma Access	Prisma Access versions antérieures à 10.2.9 sur PAN-OS
Palo Alto Networks	PAN-OS	PAN-OS versions 9.0.x antérieures à 9.0.17
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.x antérieures à 11.2.3
Palo Alto Networks	ActiveMQ Content Pack	ActiveMQ Content Pack versions 1.1.x antérieures à 1.1.15
Palo Alto Networks	PAN-OS	PAN-OS versions 10.1.x antérieures à 10.1.11
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.2.x antérieures à 6.2.1
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent toutes versions antérieures à 8.2
Palo Alto Networks	Prisma Access Browser	Prisma Access Browser versions 128.x.x.x postérieures à 128.91.2869.7 et antérieures à 128.138.2888.2
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.x antérieures à 10.2.4
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.0.x antérieures à 6.0.7
Palo Alto Networks	PAN-OS	PAN-OS versions 8.1.x antérieures à 8.1.25
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 5.2.x antérieures à 5.2.13
Palo Alto Networks	PAN-OS	PAN-OS versions 9.1.x antérieures à 9.1.17
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.1.x antérieures à 6.1.2

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks PAN-219031 et PAN-192893	2024-09-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-204689 et GPC-16848	2024-09-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-151792 et PAN-82874	2024-09-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CPATR-20644	2024-09-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CRTX-105751	2024-09-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-SA-2024-0009	2024-09-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-263321	2024-09-11	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PAN-OS versions 10.0.x ant\u00e9rieures \u00e0 10.0.12",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 5.1.x ant\u00e9rieures \u00e0 5.1.12",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.0.x ant\u00e9rieures \u00e0 11.0.1",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions ant\u00e9rieures \u00e0 10.2.9 sur PAN-OS",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 9.0.x ant\u00e9rieures \u00e0 9.0.17",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "ActiveMQ Content Pack versions 1.1.x ant\u00e9rieures \u00e0 1.1.15",
      "product": {
        "name": "ActiveMQ Content Pack",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.1.x ant\u00e9rieures \u00e0 10.1.11",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.1",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent toutes versions ant\u00e9rieures \u00e0 8.2",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Browser versions 128.x.x.x post\u00e9rieures \u00e0 128.91.2869.7 et ant\u00e9rieures \u00e0 128.138.2888.2",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.x ant\u00e9rieures \u00e0 10.2.4",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.0.x ant\u00e9rieures \u00e0 6.0.7",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 8.1.x ant\u00e9rieures \u00e0 8.1.25",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 5.2.x ant\u00e9rieures \u00e0 5.2.13",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 9.1.x ant\u00e9rieures \u00e0 9.1.17",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.1.x ant\u00e9rieures \u00e0 6.1.2",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-8193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8193"
    },
    {
      "name": "CVE-2024-7976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7976"
    },
    {
      "name": "CVE-2024-7973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7973"
    },
    {
      "name": "CVE-2024-7969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7969"
    },
    {
      "name": "CVE-2024-8691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8691"
    },
    {
      "name": "CVE-2024-8035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8035"
    },
    {
      "name": "CVE-2024-7980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7980"
    },
    {
      "name": "CVE-2024-7975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7975"
    },
    {
      "name": "CVE-2024-7964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7964"
    },
    {
      "name": "CVE-2024-8636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8636"
    },
    {
      "name": "CVE-2024-7968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7968"
    },
    {
      "name": "CVE-2024-8686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8686"
    },
    {
      "name": "CVE-2024-8638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8638"
    },
    {
      "name": "CVE-2024-8639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8639"
    },
    {
      "name": "CVE-2024-7977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7977"
    },
    {
      "name": "CVE-2024-8362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8362"
    },
    {
      "name": "CVE-2024-8687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8687"
    },
    {
      "name": "CVE-2024-7966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7966"
    },
    {
      "name": "CVE-2024-7979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7979"
    },
    {
      "name": "CVE-2024-7974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7974"
    },
    {
      "name": "CVE-2024-8637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8637"
    },
    {
      "name": "CVE-2024-7972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7972"
    },
    {
      "name": "CVE-2024-7967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7967"
    },
    {
      "name": "CVE-2024-8689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8689"
    },
    {
      "name": "CVE-2024-8198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8198"
    },
    {
      "name": "CVE-2024-8688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8688"
    },
    {
      "name": "CVE-2024-8034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8034"
    },
    {
      "name": "CVE-2024-7970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7970"
    },
    {
      "name": "CVE-2024-8690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8690"
    },
    {
      "name": "CVE-2024-7981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7981"
    },
    {
      "name": "CVE-2024-8033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8033"
    },
    {
      "name": "CVE-2024-8194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8194"
    },
    {
      "name": "CVE-2024-7978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7978"
    },
    {
      "name": "CVE-2024-7971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7971"
    },
    {
      "name": "CVE-2024-7965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7965"
    }
  ],
  "initial_release_date": "2024-09-12T00:00:00",
  "last_revision_date": "2024-09-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0770",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-09-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2024-09-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-219031 et PAN-192893",
      "url": "https://security.paloaltonetworks.com/CVE-2024-8691"
    },
    {
      "published_at": "2024-09-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-204689 et GPC-16848",
      "url": "https://security.paloaltonetworks.com/CVE-2024-8687"
    },
    {
      "published_at": "2024-09-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-151792 et PAN-82874",
      "url": "https://security.paloaltonetworks.com/CVE-2024-8688"
    },
    {
      "published_at": "2024-09-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CPATR-20644",
      "url": "https://security.paloaltonetworks.com/CVE-2024-8690"
    },
    {
      "published_at": "2024-09-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CRTX-105751",
      "url": "https://security.paloaltonetworks.com/CVE-2024-8689"
    },
    {
      "published_at": "2024-09-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2024-0009",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0009"
    },
    {
      "published_at": "2024-09-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-263321",
      "url": "https://security.paloaltonetworks.com/CVE-2024-8686"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-8689 (GCVE-0-2024-8689)

FKIE_CVE-2024-8689

CVE-2024-8689

GHSA-46Q2-6XFQ-6Q9P

CERTFR-2024-AVI-0770

Solutions

Tags

Sightings

Nomenclature