About the Vulnerability

Introduction

PAN-OS is an operating system developed by Palo Alto Networks, designed to provide comprehensive security protection for enterprise networks. The operating system is highly scalable and flexible, and adapts to network environments of various sizes and types. PAN-OS integrates multiple security functions, including firewalls, intrusion detection and prevention, and virtual private networks, protecting enterprise networks from various cyber threats. Additionally, PAN-OS offers an intuitive and user-friendly management interface along with powerful analytical tools, helping network administrators better manage and protect their networks.

Summary

On November 19, 2024, Sangfor FarSight Labs received notification of an Authentication Bypass Vulnerability (CVE-2024-0012) in a Palo Alto Networks PAN-OS component, classified as high in threat level.

The web interface of Palo Alto Networks PAN-OS contains an authentication bypass vulnerability, which unauthorized attackers can exploit to access the management console, perform administrative operations, or escalate privileges. In severe cases, this can lead to server compromise.

Affected Versions

PAN-OS 10.2 < 10.2.12-h2

PAN-OS 11.0 < 11.0.6-h1

PAN-OS 11.1 < 11.1.5-h1

PAN-OS 11.2 < 11.2.4-h1
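The version ranges above can be checked against a firewall inventory. The following is an added example, not code from Palo Alto Networks or Sangfor. It assumes version strings of the form major.minor.maintenance with an optional -hN hotfix suffix, and treats a release without a hotfix as older than any hotfix of the same maintenance release. The function names and the sample inventory are constructed for illustration.

```python
import re

# Fixed releases per train, taken from the "Affected Versions" list above.
FIXED = {
    "10.2": "10.2.12-h2",
    "11.0": "11.0.6-h1",
    "11.1": "11.1.5-h1",
    "11.2": "11.2.4-h1",
}

# Assumed format: major.minor.maintenance with an optional -hN hotfix suffix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text):
    """Return (major, minor, maintenance, hotfix); hotfix is 0 when absent."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    major, minor, maint, hotfix = m.groups()
    return int(major), int(minor), int(maint), int(hotfix or 0)


def classify(version):
    """Return 'affected', 'fixed', or 'not-listed' for one version string."""
    parsed = parse_version(version)
    train = f"{parsed[0]}.{parsed[1]}"
    if train not in FIXED:
        return "not-listed"  # train does not appear in the list above
    return "affected" if parsed < parse_version(FIXED[train]) else "fixed"


def audit(inventory):
    """Map each hostname to its status; unparseable strings become 'unparsed'."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = classify(version)
        except ValueError:
            report[host] = "unparsed"
    return report


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    sample = {"fw-edge-01": "10.2.12-h1", "fw-edge-02": "11.1.5-h1",
              "fw-lab-01": "10.1.14", "fw-dc-01": "11.2.4", "fw-old": "unknown"}
    for host, status in audit(sample).items():
        print(f"{host}: {status}")
```

A "not-listed" result only means the release train is absent from the list above; confirm its status against the vendor advisory.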

Solutions

Official Solution

The vendor has officially released updated versions that fix the vulnerability.

Affected users are strongly advised to update PAN-OS to the latest version (10.2.12-h2, 11.0.6-h1, 11.1.5-h1, 11.2.4-h1, or later versions).

Download link: https://security.paloaltonetworks.com/CVE-2024-0012

Sangfor Solutions

Risky Assets Detection

Sangfor products support proactive detection of Palo Alto Networks PAN-OS and can identify, in batches, the assets affected by this vulnerability in business scenarios. Related products are as follows:

[Sangfor Host Security] has released a detection scheme with Fingerprint ID: 0007237.

Timeline

On November 19, 2024, Sangfor FarSight Labs received notification of the Palo Alto Networks PAN-OS Authentication Bypass Vulnerability.

On November 19, 2024, Sangfor FarSight Labs released a vulnerability alert.

References

https://security.paloaltonetworks.com/CVE-2024-0012
