Palo Alto Networks Security Advisories / CVE-2024-5906

CVE-2024-5906 Prisma Cloud Compute: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

Severity 4.8 · MEDIUM
Urgency MODERATE
Response Effort MODERATE
Recovery AUTOMATIC
Value Density DIFFUSE
Attack Vector NETWORK
Attack Complexity LOW
Attack Requirements NONE
Automatable NO
User Interaction PASSIVE
Product Confidentiality LOW
Product Integrity LOW
Product Availability NONE
Privileges Required HIGH
Subsequent Confidentiality NONE
Subsequent Integrity NONE
Subsequent Availability NONE

Description

A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks Prisma Cloud Compute software enables a malicious administrator who holds add/edit permissions for identity providers to store a JavaScript payload through the Prisma Cloud Compute web interface. When another user's browser later loads the page that renders the stored identity-provider data, the payload executes in that user's browser, enabling the malicious administrator to perform actions in the context of that user's session.
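The following is an added illustration of the CWE-79 pattern this advisory describes, written for this page; it is not Prisma Cloud Compute's code. The identity-provider record shape, the rendering functions, the `foreignTags` check and the sample records are all assumptions made for the example. It places the vulnerable rendering (stored values spliced into markup) beside the hardened form (values HTML-encoded at the point they are written into the page), and runs a structural check that catches the first and passes the second.

```javascript
// Added illustration of the CWE-79 pattern described in this advisory. This is
// not Prisma Cloud Compute's code: the record shape, the rendering functions and
// the sample data are all assumptions made for the example.

// Constructed sample data: two identity-provider records as an administrator
// with add/edit permissions might have saved them. The second name is a stored
// XSS payload; nothing about it is rejected at save time in this model.
const STORED_IDPS = [
  { name: "Corporate Okta", issuer: "https://idp.example.com" },
  { name: '<img src=x onerror="alert(document.cookie)">', issuer: "https://idp.example.net" },
];

// Vulnerable pattern: the stored values are trusted and spliced straight into
// markup. A second user whose browser renders this HTML runs the payload in
// their own session.
function renderIdpRowsUnsafe(idps) {
  return idps
    .map((p) => `<tr><td>${p.name}</td><td>${p.issuer}</td></tr>`)
    .join("");
}

// Hardened pattern: HTML-encode every untrusted value at the point it is
// written into the page, so the payload is displayed as text, not parsed as a tag.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

function renderIdpRowsSafe(idps) {
  return idps
    .map((p) => `<tr><td>${escapeHtml(p.name)}</td><td>${escapeHtml(p.issuer)}</td></tr>`)
    .join("");
}

// Structural check usable in a unit test or a review: the only tag names in the
// rendered table should be the ones the template itself emits. Any other tag
// name means stored data reached the page unencoded.
function foreignTags(html, allowed = ["tr", "td"]) {
  const found = new Set();
  for (const m of html.matchAll(/<\s*\/?\s*([a-zA-Z][\w-]*)/g)) {
    const tag = m[1].toLowerCase();
    if (!allowed.includes(tag)) found.add(tag);
  }
  return [...found];
}

// Stand-alone demonstration.
console.log("unsafe foreign tags:", foreignTags(renderIdpRowsUnsafe(STORED_IDPS))); // ["img"]
console.log("safe foreign tags:  ", foreignTags(renderIdpRowsSafe(STORED_IDPS)));   // []
```

In a browser-side renderer the equivalent of `escapeHtml` is to build the row with `document.createElement` and `textContent` rather than `innerHTML`. Encoding must match the output context: the table above is HTML text content, and a value written into an attribute, a URL or inline script would need that context's encoding instead. Because the attacker here is an administrator, input validation at save time is a second layer, not a substitute; the payload is legitimately stored, so the page that displays it is the place the defence must hold.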

Product Status

Versions                  Affected                       Unaffected
Prisma Cloud Compute 32   < 32.05 (O'Neal - Update 5)    >= 32.05 (O'Neal - Update 5)

Severity: MEDIUM

CVSSv4.0 Base Score: 4.8 (CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber)

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Weakness Type

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Solution

This issue is fixed in Prisma Cloud Compute 32.05 (O'Neal - Update 5) and all later versions.

Acknowledgments

Palo Alto Networks thanks Tomasz Stachowicz for discovering and reporting this issue.

Timeline

Initial publication
© 2024 Palo Alto Networks, Inc. All rights reserved.