CVE-2024-0008 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-0008

Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access.

Published: Feb 14, 2024
Updated: May 4, 2025
CVE: CVE-2024-0008
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-613

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
paloaltonetworks / pan-os	10.2.0	10.2.5
paloaltonetworks / pan-os	11.0.0	11.0.2
paloaltonetworks / pan-os	10.1.0	10.1.10
paloaltonetworks / pan-os	10.1.10	10.1.10.x
paloaltonetworks / pan-os	10.0.0	10.0.12
paloaltonetworks / pan-os	10.0.12	10.0.12.x
paloaltonetworks / pan-os	9.1.0	9.1.17
paloaltonetworks / pan-os	9.0.0	9.0.17
paloaltonetworks / pan-os	9.0.17-h1	9.0.17-h1.x
paloaltonetworks / pan-os	9.0.17	9.0.17.x

https://security.paloaltonetworks.com/CVE-2024-0008