NVD disclosure day

Published threat advisories for November 18, 2024

CVE advisoryKnown Exploit

CVE-2024-21287

Oracle Agile PLM Unauthorized Data Access Vulnerability.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A vulnerability in Oracle Agile PLM Framework allows unauthenticated attackers with network access to gain unauthorized access to critical data. This impacts data confidentiality and could lead to significant business risk. Organizations should prioritize addressing this issue.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2024-9474

Palo Alto Networks PAN-OS Privilege Escalation Vulnerability

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A privilege escalation vulnerability in PAN-OS software allows an administrator with management web interface access to perform actions with root privileges. This affects PAN-OS firewalls, potentially enabling unauthorized system control. Cloud NGFW and Prisma Access are not impacted.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2024-0012

Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Palo Alto Networks PAN-OS software allows unauthorized access to the management web interface, potentially enabling an attacker to gain administrator privileges. This could lead to system configuration tampering or further exploitation. Risk is reduced if management access is restricted to trusted ne

NVD published: • CISA KEV