CVE-2024-0012 - Vulnerability Details

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 .

The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software.

Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is in the KEV database since Nov. 18, 2024.

The EPSS score is 0.94234.

Exploitation active

Automatable yes

Technical Impact total

Vendors	Products
Paloaltonetworks	Pan-os

Configuration 1 [-]

OR	cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1::::::
	cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-::::::
	cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.0.6:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:-::::::
cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-::::::

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you haven’t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet. Additionally, if you have a Threat Prevention subscription, you can block these attacks using Threat IDs 95746, 95747, 95752, 95753, 95759, and 95763 (available in Applications and Threats content version 8915-9075 and later). For these Threat IDs to protect against attacks for this vulnerability, * Ensure that all the listed Threat IDs are set to block mode, * Route incoming traffic for the MGT port through a DP port https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba , e.g., enabling management profile on a DP interface for management access, * Replace the Certificate for Inbound Traffic Management https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c , * Decrypt inbound traffic to the management interface so the firewall can inspect it https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2 , and * Enable threat prevention on the inbound traffic to management services. Review information about how to secure management access to your Palo Alto Networks firewalls: * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 * Palo Alto Networks official and more detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices

References

Link	Providers
https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/
https://security.paloaltonetworks.com/CVE-2024-0012
https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-0012

History

Tue, 04 Nov 2025 17:00:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:o:paloaltonetworks:pan-os::::::::	cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:-::::::

Tue, 21 Oct 2025 23:15:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-0012

Tue, 21 Oct 2025 20:30:00 +0000

Type	Values Removed	Values Added
References	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-0012

Tue, 21 Oct 2025 19:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-0012

Fri, 11 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.94303}`	epss `{'score': 0.94294}`

Fri, 29 Nov 2024 16:15:00 +0000

Type	Values Removed	Values Added
References		https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/

Sun, 24 Nov 2024 15:30:00 +0000

Type	Values Removed	Values Added
References		https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/

Tue, 19 Nov 2024 17:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:o:paloaltonetworks:pan-os::::::::
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Mon, 18 Nov 2024 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2024-11-18'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 18 Nov 2024 16:00:00 +0000

Type	Values Removed	Values Added
Description		An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
Title		PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)
First Time appeared		Paloaltonetworks Paloaltonetworks pan-os
Weaknesses		CWE-306
CPEs		cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.6:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.2:-::::::
Vendors & Products		Paloaltonetworks Paloaltonetworks pan-os
References		https://security.paloaltonetworks.com/CVE-2024-0012
Metrics		cvssV4_0 `{'score': 5.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red'}`

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2024-11-18T15:47:41.407Z

Updated: 2025-10-21T22:55:36.241Z

Reserved: 2023-11-09T18:56:17.699Z

Link: CVE-2024-0012

Vulnrichment

Updated: 2024-11-24T14:44:56.514Z

NVD

Status : Analyzed

Published: 2024-11-18T16:15:11.683

Modified: 2025-11-04T16:49:23.110

Link: CVE-2024-0012

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation active

Automatable yes

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object