CVE-2024-8687— Palo Alto Networks PAN-OS 安全漏洞

PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.

N/A

将系统数据暴露到未授权控制的范围

Palo Alto Networks PAN-OS 安全漏洞

Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一套为其防火墙设备开发的操作系统。 Palo Alto Networks PAN-OS存在安全漏洞，该漏洞源于信息暴露，使得GlobalProtect端用户能够获知配置的GlobalProtect卸载密码和配置的禁用或断开连接的密码，从而导致即使按GlobalProtect应用程序配置通常不允许的情况下，终端用户也可以进行卸载、禁用或断开操作。

N/A

N/A