Conversation
AttackerKB
attackerkb
New assessment for topic: CVE-2024-0012
Topic description: "An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . ..."
"Based upon writing a [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/19663) for this exploit chain, I have rated the exploitability of this as very easy, as a target PAN-OS management interface is vulnerable in a default configuration. ..."
Link: https://attackerkb.com/assessments/a360309b-1a6e-424c-961a-f7dfb48113d7
Topic description: "An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . ..."
"Based upon writing a [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/19663) for this exploit chain, I have rated the exploitability of this as very easy, as a target PAN-OS management interface is vulnerable in a default configuration. ..."
Link: https://attackerkb.com/assessments/a360309b-1a6e-424c-961a-f7dfb48113d7
0
1
0