Upgrade Palo Alto Firewall and GlobalProtect for November 2024 CVE
By Rackspace Technology Security Team
On 18 November 2024, Palo Alto Networks issued two security advisories, CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) and CVE-2024-9474 PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface.
Rackspace Technology and Palo Alto Networks have proactively reviewed our customers and verified the risk is low due to compensating controls protecting our customer firewall web management interfaces.
Palo Alto Networks has released interim updates as their preferred release to address these vulnerabilities. Rackspace will be contacting customers via ticket to mitigate these vulnerabilities. Please open a ticket for a Rackspace support team to assist if you have any questions.
An additional Global Protect vulnerability, CVE-2024-9473, was announced for GlobalProtect App: Local Privilege Escalation (PE) Vulnerability. Global Protect can be upgraded by our support staff to version 6.1.4-c720.
For more information see:
https://security.paloaltonetworks.com/CVE-2024-0012
Recent Posts
Upgrade Palo Alto Firewall and GlobalProtect for November 2024 CVE
November 26th, 2024
Google Cloud Hybrid Networking Patterns — Part 1
October 17th, 2024
Google Cloud Hybrid Networking Patterns — Part 3
October 17th, 2024
Google Cloud Hybrid Networking Patterns — Part 2
October 17th, 2024
How Rackspace Leverages AWS Systems Manager
October 9th, 2024