CVE-2024-0010 Report - Details, Severity, & Advisories

Twingate Team

May 9, 2024

CVE-2024-0010 is a medium-severity vulnerability affecting the GlobalProtect portal feature of Palo Alto Networks PAN-OS software. This reflected cross-site scripting (XSS) vulnerability allows the execution of malicious JavaScript in a user's browser if they click on a malicious link, potentially leading to phishing attacks and credential theft. The systems at risk are those running the GlobalProtect portal feature of Palo Alto Networks PAN-OS software.

How do I know if I'm affected?

To determine if you're affected by the CVE-2024-0010 vulnerability, you'll need to check if you're using the GlobalProtect portal feature of Palo Alto Networks PAN-OS software. The affected versions are PAN-OS 10.1 (versions less than 10.1.11-h1 and less than 10.1.12), PAN-OS 9.1 (versions less than 9.1.17), and PAN-OS 9.0 (versions less than 9.0.17-h4). If your system runs any of these versions with the GlobalProtect portal enabled, you may be at risk.
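The version check above can be scripted across a firewall inventory. The following is an added example, not code from Twingate or Palo Alto Networks; it assumes version strings of the form `X.Y.Z` or `X.Y.Z-hN`, and the hostnames and inventory entries are constructed for illustration.

```python
import re

# First fixed release per PAN-OS train, as listed on this page.
# 10.1.12 is also listed as fixed; it sorts above 10.1.11-h1, so one bound suffices.
FIXED = {"9.0": "9.0.17-h4", "9.1": "9.1.17", "10.1": "10.1.11-h1"}

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse(version):
    """Return (major, minor, maintenance, hotfix); a missing -hN counts as hotfix 0."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognized PAN-OS version: {version!r}")
    return tuple(int(g or 0) for g in m.groups())

def is_affected(version):
    """True/False for trains this page lists, None for trains it does not mention."""
    parsed = parse(version)
    fixed = FIXED.get(f"{parsed[0]}.{parsed[1]}")
    if fixed is None:
        return None  # not covered by this page; consult the vendor advisory
    return parsed < parse(fixed)

def triage(inventory):
    """Names of firewalls with the portal enabled and a version below the fix."""
    return [name for name, (version, portal_enabled) in inventory.items()
            if portal_enabled and is_affected(version)]

# Constructed sample inventory: name -> (PAN-OS version, GlobalProtect portal enabled)
INVENTORY = {
    "fw-edge-01": ("10.1.11", True),     # below 10.1.11-h1
    "fw-edge-02": ("10.1.11-h1", True),  # fixed hotfix
    "fw-dc-01": ("9.1.16-h3", True),     # below 9.1.17
    "fw-dc-02": ("9.0.17-h4", True),     # fixed hotfix
    "fw-lab-01": ("9.0.16", False),      # old version, portal not enabled
    "fw-new-01": ("11.0.2", True),       # train not listed on this page
}

if __name__ == "__main__":
    print(triage(INVENTORY))
```

Versions in trains the page does not list return `None` rather than "not affected", so they are left for manual review against the vendor advisory.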

What should I do if I'm affected?

If you're affected by the CVE-2024-0010 vulnerability, it's crucial to take action. Upgrade your PAN-OS software to a secure version, such as PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h1, or PAN-OS 10.1.12. If you have a Threat Prevention subscription, enable Threat ID 94972 to block potential attacks.

Is CVE-2024-0010 in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2024-0010 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This medium-severity issue affects the GlobalProtect portal feature of Palo Alto Networks PAN-OS software and could lead to phishing attacks and credential theft if a user clicks on a malicious link. To protect against this vulnerability, users should avoid clicking on suspicious links and monitor updates from Palo Alto Networks for further information and potential solutions.

Weakness enumeration

This vulnerability is categorized as CWE-79, a type of cross-site scripting (XSS) issue that can lead to phishing attacks and credential theft if a user clicks on a malicious link.

For more details

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD or the resources listed below.
