First published: Wed Nov 13 2024(Updated: )
A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Palo Alto Networks PAN-OS | >=10.1.0<10.1.10 | |
Palo Alto Networks PAN-OS | >=10.2.0<10.2.5 | |
Palo Alto Networks PAN-OS | >=11.0.0<11.0.2 | |
Palo Alto Networks Cloud NGFW | ||
Palo Alto PAN-OS | <11.0.2=11.0.0<10.2.5=10.2.0<10.1.10=10.1.0 | 11.0.2 10.2.5 10.1.10 |
Prisma |
This issue is fixed in PAN-OS 10.1.10, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-5919 is classified as a critical severity vulnerability due to its potential for file exfiltration.
To mitigate CVE-2024-5919, update your PAN-OS to versions 10.2.6 or later, 10.1.11 or later, or 11.0.3 or later.
CVE-2024-5919 affects Palo Alto Networks PAN-OS versions below 10.2.6, 10.1.11, and 11.0.3.
The impact of CVE-2024-5919 allows an authenticated attacker to exfiltrate sensitive files from the firewall.
CVE-2024-5919 requires network access to the firewall management interface, limiting its exploitation.