CVE-2024-0008

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Feb 14, 2024
Updated: Feb 15, 2024
CWE ID 613

Summary

CVE-2024-0008 refers to a vulnerability in the Palo Alto Networks PAN-OS software's management interface. The issue at hand is that web sessions in this interface do not expire under specific conditions, rendering the interface susceptible to unauthorized access. An attacker could potentially exploit this vulnerability by maintaining a persistent session, even after logging out or closing the browser. This lack of session expiration increases the risk of unauthorized access, potentially leading to serious security implications. It is strongly advised that affected organizations apply the necessary patches or updates to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share