CVE-2024-2433 Report - Details, Severity, & Advisories

Twingate Team

May 9, 2024

CVE-2024-2433 is a medium-severity vulnerability affecting Palo Alto Networks Panorama software. This improper authorization issue allows an authenticated read-only administrator to upload files via the web interface, potentially filling a disk partition and preventing access to the web interface or the ability to download PAN-OS, WildFire, and content images. The vulnerability specifically impacts the web interface of the management plane and affects systems running the Panorama software where an authenticated read-only administrator has access.

How do I know if I'm affected?

To determine if you're affected by the CVE-2024-2433 vulnerability, check if you're using Palo Alto Networks Panorama software with versions PAN-OS 11.0, PAN-OS 10.2, PAN-OS 10.1, PAN-OS 9.1, or PAN-OS 9.0. Signs of being affected include the inability to log into the web interface or download PAN-OS, WildFire, and content images due to a disk partition being filled with uploaded files. This issue only impacts the web interface of the management plane, leaving the dataplane unaffected.

What should I do if I'm affected?

If you're affected by the CVE-2024-2433 vulnerability, update your Panorama software to a fixed version, such as PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, or PAN-OS 11.0.3. Follow the Best Practices for Securing Administrative Access and clear the affected disk partition using the CLI instructions.
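The fixed versions listed above can be checked against a Panorama inventory. The following is an added example, not code from Twingate or Palo Alto Networks. It assumes that any release at or above the listed fixed version within the same branch is fixed and that hotfix suffixes of the form -hN order numerically; the hostnames and inventory values are constructed.

```python
import re

# Minimum fixed release per affected branch, taken from the text above.
FIXED = {
    "9.0": "9.0.17-h4",
    "9.1": "9.1.17",
    "10.1": "10.1.12",
    "10.2": "10.2.8",
    "11.0": "11.0.3",
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text):
    """Return (major, minor, maintenance, hotfix) for strings like '9.0.17-h4'."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    major, minor, maint, hotfix = m.groups()
    # A release without a hotfix suffix sorts below any -hN of the same release.
    return int(major), int(minor), int(maint), int(hotfix or 0)


def assess(version):
    """Classify one version as 'vulnerable', 'fixed' or 'branch-not-listed'."""
    parsed = parse_version(version)
    branch = f"{parsed[0]}.{parsed[1]}"
    if branch not in FIXED:
        return "branch-not-listed"  # branch is not named on this page
    return "fixed" if parsed >= parse_version(FIXED[branch]) else "vulnerable"


def triage(inventory):
    """Map hostname -> status; unparseable versions go to manual review."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = assess(version)
        except ValueError:
            report[host] = "manual-review"
    return report


# Constructed sample inventory (hypothetical hostnames and versions).
SAMPLE = {"pano-a": "9.0.17-h1", "pano-b": "10.2.8", "pano-c": "10.1.x"}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```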

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2024-2433 vulnerability is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. It is an improper authorization vulnerability in Palo Alto Networks Panorama software. The vulnerability was added to the catalog on March 13, 2024. However, the due date and required action are not provided. In simple terms, this security issue allows someone with limited access to upload files and fill up disk space, potentially preventing others from logging in or downloading certain software.

Weakness enumeration

The weakness enumeration for this vulnerability is CWE-269, which involves improper privilege management in Palo Alto Networks Panorama software, allowing limited-access administrators to upload files and fill disk space, potentially causing availability loss.

For more details

CVE-2024-2433 is a medium-severity vulnerability in Palo Alto Networks Panorama software, which can lead to availability loss due to improper privilege management. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD or the links provided below.
