CVE-2024-5920: 
PAN-OS vulnerability analysis and mitigation

A stored cross-site scripting (XSS) vulnerability (CVE-2024-5920) was discovered in Palo Alto Networks PAN-OS software, disclosed on November 13, 2024. The vulnerability affects multiple versions of PAN-OS including versions prior to 10.1.14, 10.2.11, 11.0.6, and 11.1.4. Cloud NGFW and Prisma Access are not affected by this vulnerability (Palo Alto Advisory).

The vulnerability enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. The vulnerability has been assigned a CVSS v4.0 base score of 4.6 MEDIUM (CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber) and is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation) (NVD).

When successfully exploited, this vulnerability enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator's browser (Palo Alto Advisory).

The vulnerability has been fixed in PAN-OS versions 10.1.14, 10.2.11, 11.0.6, 11.1.4, and all later PAN-OS versions. Organizations using affected versions should upgrade to the patched versions to mitigate this vulnerability (Palo Alto Advisory).