1. Home
  2. CVE Database
  3. CVE-2024-8687
HIGH · 7.1

CVE-2024-8687

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configure...

Vulnerability Description

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.

CVSS Score

7.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
PaloaltonetworksPan-Os>= 8.1.0, < 8.1.25
PaloaltonetworksGlobalprotect>= 5.1.0, < 5.1.12
PaloaltonetworksPrisma Access-

Related Weaknesses (CWE)

CWE-497

References

FAQ

What is CVE-2024-8687?

CVE-2024-8687 is a vulnerability with a CVSS score of 7.1 (HIGH). An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configure...

How severe is CVE-2024-8687?

CVE-2024-8687 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-8687?

Check the references section above for vendor advisories and patch information. Affected products include: Paloaltonetworks Pan-Os, Paloaltonetworks Globalprotect, Paloaltonetworks Prisma Access.