CVE-2024-5917 PAN-OS: Server-Side Request Forgery in WildFire
Exploit Maturity: UNREPORTED
Response Effort: MODERATE
Recovery: AUTOMATIC
Value Density: DIFFUSE
Attack Vector: NETWORK
Attack Complexity: LOW
Attack Requirements: PRESENT
Automatable: NO
User Interaction: NONE
Product Confidentiality: NONE
Product Integrity: LOW
Product Availability: NONE
Privileges Required: NONE
Subsequent Confidentiality: LOW
Subsequent Integrity: NONE
Subsequent Availability: NONE
Description
A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.
Product Status
| Versions | Affected | Unaffected |
|---|---|---|
| Cloud NGFW | None | All |
| PAN-OS 11.2 | None | All |
| PAN-OS 11.1 | None | All |
| PAN-OS 11.0 | None | All |
| PAN-OS 10.2 | < 10.2.2 | >= 10.2.2 |
| PAN-OS 10.1 | < 10.1.7 | >= 10.1.7 |
Required Configuration for Exposure
Your network is impacted only if the WildFire Forwarding feature is enabled on your firewall. You can find this setting at Device → Setup → WildFire.
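The following is an added example, not code from the advisory or from Palo Alto Networks. It turns the Product Status table and the WildFire Forwarding precondition above into a triage check a firewall owner can run over an inventory: PAN-OS version strings (including the `-hN` hotfix suffix) are parsed into comparable tuples so that, for instance, 10.2.10 is correctly ordered after the fixed release 10.2.2. The `Firewall` record, the inventory and the field names are constructed for the example; release lines the table does not list (10.0 and earlier) are reported as outside the advisory's scope rather than guessed.

```python
import re
from dataclasses import dataclass

# Transcribed from the advisory's Product Status table:
# release line -> first fixed release on that line.
FIXED_RELEASES = {
    (10, 1): (10, 1, 7),
    (10, 2): (10, 2, 2),
}
# Release lines the advisory lists as entirely unaffected.
UNAFFECTED_LINES = {(11, 0), (11, 1), (11, 2)}


def parse_version(text):
    """Parse 'PAN-OS 10.2.2-h1' / '10.2.2' into (major, minor, patch, hotfix)."""
    m = re.fullmatch(
        r"(?:PAN-OS\s+)?(\d+)\.(\d+)(?:\.(\d+))?(?:-h(\d+))?", text.strip()
    )
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    major, minor, patch, hotfix = m.groups()
    return (int(major), int(minor), int(patch or 0), int(hotfix or 0))


def is_affected_version(version):
    """True/False per the table; None when the release line is not covered by it."""
    v = parse_version(version)
    line = v[:2]
    if line in UNAFFECTED_LINES:
        return False
    if line in FIXED_RELEASES:
        # Hotfix number is irrelevant here: the table compares maintenance releases.
        return v[:3] < FIXED_RELEASES[line]
    return None


@dataclass
class Firewall:
    # Constructed inventory record (assumed field names, not a PAN-OS API).
    name: str
    version: str
    wildfire_forwarding: bool  # Device -> Setup -> WildFire forwarding enabled


def assess(fw):
    """Return one status: 'unknown', 'not-affected', 'affected-not-exposed', 'exposed'."""
    affected = is_affected_version(fw.version)
    if affected is None:
        return "unknown"
    if not affected:
        return "not-affected"
    # Vulnerable release, but the SSRF is reachable only with WildFire Forwarding on.
    # It still warrants an upgrade; the flag only changes the urgency.
    return "exposed" if fw.wildfire_forwarding else "affected-not-exposed"


def triage(inventory):
    """Map firewall name -> status for a list of Firewall records."""
    return {fw.name: assess(fw) for fw in inventory}


# Constructed sample inventory for a stand-alone run.
SAMPLE_INVENTORY = [
    Firewall("edge-fw-1", "PAN-OS 10.2.1", wildfire_forwarding=True),
    Firewall("edge-fw-2", "10.2.2-h1", wildfire_forwarding=True),
    Firewall("dc-fw-1", "10.1.6-h3", wildfire_forwarding=False),
    Firewall("lab-fw", "11.1.0", wildfire_forwarding=True),
    Firewall("legacy-fw", "10.0.12", wildfire_forwarding=True),
]

if __name__ == "__main__":
    for name, status in triage(SAMPLE_INVENTORY).items():
        print(f"{name:12s} {status}")
```

The `affected-not-exposed` status is deliberately kept distinct from `not-affected`: the advisory scopes exposure to firewalls with WildFire Forwarding enabled, but a vulnerable release stays vulnerable if that setting is later turned on, so the remediation in the Solution section applies to both groups and the flag only orders the work.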
Severity: LOW, Suggested Urgency: MODERATE
CVSS-BT: 1.7 / CVSS-B: 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type
CWE-918 Server-Side Request Forgery (SSRF)
Solution
This issue is fixed in PAN-OS 10.1.7, PAN-OS 10.2.2, and all later PAN-OS versions.
Acknowledgments
Palo Alto Networks thanks Michael Baker from AC3 for discovering and reporting the issue.
Timeline
Initial publication