{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T00:47:14.058","vulnerabilities":[{"cve":{"id":"CVE-2024-8687","sourceIdentifier":"psirt@paloaltonetworks.com","published":"2024-09-11T17:15:14.157","lastModified":"2024-10-03T00:26:56.110","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so."},{"lang":"es","value":"Existe una vulnerabilidad de exposición de información en el software PAN-OS de Palo Alto Networks que permite que un usuario final de GlobalProtect conozca tanto la contraseña de desinstalación de GlobalProtect configurada como el código de acceso de deshabilitación o desconexión configurado. Una vez que se conoce la contraseña o el código de acceso, los usuarios finales pueden desinstalar, deshabilitar o desconectar GlobalProtect incluso si la configuración de la aplicación GlobalProtect normalmente no les permitiría hacerlo."}],"metrics":{"cvssMetricV40":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"AUTOMATIC","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}]},"weaknesses":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-497"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0","versionEndExcluding":"8.1.25","matchCriteriaId":"5C73941F-EBEE-4A03-94A4-B4C7C96E4963"},{"vulnerable":true,"criteria":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.17","matchCriteriaId":"89A55C5F-8E01-42C4-BE93-D683900C07BE"},{"vulnerable":true,"criteria":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"9.1.0","versionEndExcluding":"9.1.16","matchCriteriaId":"56181B13-327B-4249-A7E8-246B2420CEFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"10.0.12","matchCriteriaId":"71F1F86A-8158-4BE8-B509-5F50421DA829"},{"vulnerable":true,"criteria":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.1.0","versionEndExcluding":"10.1.9","matchCriteriaId":"18EE46C0-B863-4AE4-833C-05030D8AD1AF"},{"vulnerable":true,"criteria":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndExcluding":"10.2.4","matchCriteriaId":"D61F01F8-1598-4078-9D98-BFF5B62F3BA5"},{"vulnerable":true,"criteria":"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6F3693A5-182E-4723-BE2A-062D0C9E736C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1.0","versionEndExcluding":"5.1.12","matchCriteriaId":"B67C7EC3-6A0C-4068-A40C-3CA3CE670E02"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2.0","versionEndExcluding":"5.2.13","matchCriteriaId":"B4E58F8A-5040-432C-9B6B-1890F33A0FB3"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.0.7","matchCriteriaId":"4ACA99D7-01F8-4BEE-9CC9-AF8AA1121DAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndExcluding":"6.1.2","matchCriteriaId":"C4BDBA4C-CEE9-4B47-82EE-3B58A04EB649"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:6.2.0:*:*:*:*:*:*:*","matchCriteriaId":"780045AA-5D59-4D8C-B742-B48B58DAD8F0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:prisma_access:-:*:*:*:*:*:*:*","matchCriteriaId":"FFB6FBC7-DEEB-4571-BCF9-92345A4B614A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"10.2.9","matchCriteriaId":"456CB3CF-DCDA-4A0A-8DC0-72DBD713D3BE"}]}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-8687","source":"psirt@paloaltonetworks.com","tags":["Vendor Advisory"]}]}}]}