CVE-2024-8687— PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes

EPSS 0.38% · P60 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-8687

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes

Source: NVD (National Vulnerability Database)

Vulnerability Description

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

将系统数据暴露到未授权控制的范围

Source: NVD (National Vulnerability Database)

Vulnerability Title

Palo Alto Networks PAN-OS 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一套为其防火墙设备开发的操作系统。 Palo Alto Networks PAN-OS存在安全漏洞，该漏洞源于信息暴露，使得GlobalProtect端用户能够获知配置的GlobalProtect卸载密码和配置的禁用或断开连接的密码，从而导致即使按GlobalProtect应用程序配置通常不允许的情况下，终端用户也可以进行卸载、禁用或断开操作。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Palo Alto Networks	PAN-OS	11.0.0 ~ 11.0.1	-
Palo Alto Networks	GlobalProtect App	5.1.0 ~ 5.1.12	-
Palo Alto Networks	Cloud NGFW	-	-
Palo Alto Networks	Prisma Access	10.2.0 ~ 10.2.9 on PAN-OS	-

II. Public POCs for CVE-2024-8687

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-8687

请登录查看更多情报信息。

Same Patch Batch · Palo Alto Networks · 2024-09-11 · 6 CVEs total

CVE-2024-8691		PAN-OS: User Impersonation in GlobalProtect Portal
CVE-2024-8690		Cortex XDR Agent: Local Windows Administrator Can Disable the Agent
CVE-2024-8689		ActiveMQ Content Pack: Cleartext Exposure of Credentials
CVE-2024-8688		PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI)
CVE-2024-8686		PAN-OS: Command Injection Vulnerability

IV. Related Vulnerabilities

Same product: PAN-OS

Same vendor: Palo Alto Networks

Same weakness: CWE-497

V. Comments for CVE-2024-8687

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-8687— PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes

I. Basic Information for CVE-2024-8687

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-8687

III. Intelligence Information for CVE-2024-8687

Same Patch Batch · Palo Alto Networks · 2024-09-11 · 6 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-8687

Leave a comment