CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5906

A cross-site scripting (XSS) vulnerability in Palo Alto Networks Prisma Cloud Compute software enables a malicious administrator with add/edit permissions for identity providers to store a JavaScript payload using the web interface on Prisma Cloud Compute. This enables a malicious administrator to perform actions in the context of another user's browser when accessed by that other user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.4%

CVSS Severity

CVSS v3 Score 4.8

References

Products affected by CVE-2024-5906

Paloaltonetworks » Prisma Cloud » Version: 19.11

cpe:2.3:a:paloaltonetworks:prisma_cloud:19.11
Paloaltonetworks » Prisma Cloud » Version: 20.04

cpe:2.3:a:paloaltonetworks:prisma_cloud:20.04
Paloaltonetworks » Prisma Cloud » Version: 20.09

cpe:2.3:a:paloaltonetworks:prisma_cloud:20.09
Paloaltonetworks » Prisma Cloud » Version: 20.12

cpe:2.3:a:paloaltonetworks:prisma_cloud:20.12
Paloaltonetworks » Prisma Cloud » Version: 22.12.415

cpe:2.3:a:paloaltonetworks:prisma_cloud:22.12.415
Paloaltonetworks » Prisma Cloud » Version: 22.12.427

cpe:2.3:a:paloaltonetworks:prisma_cloud:22.12.427
Paloaltonetworks » Prisma Cloud » Version: 22.12.582

cpe:2.3:a:paloaltonetworks:prisma_cloud:22.12.582
Paloaltonetworks » Prisma Cloud » Version: 22.12.585

cpe:2.3:a:paloaltonetworks:prisma_cloud:22.12.585
Paloaltonetworks » Prisma Cloud » Version: 22.12.694

cpe:2.3:a:paloaltonetworks:prisma_cloud:22.12.694
Paloaltonetworks » Prisma Cloud » Version: 22.12.704

cpe:2.3:a:paloaltonetworks:prisma_cloud:22.12.704
Paloaltonetworks » Prisma Cloud » Version: 30.00.140

cpe:2.3:a:paloaltonetworks:prisma_cloud:30.00.140
Paloaltonetworks » Prisma Cloud » Version: 30.01.152

cpe:2.3:a:paloaltonetworks:prisma_cloud:30.01.152
Paloaltonetworks » Prisma Cloud » Version: 30.01.153

cpe:2.3:a:paloaltonetworks:prisma_cloud:30.01.153
Paloaltonetworks » Prisma Cloud » Version: 30.02.123

cpe:2.3:a:paloaltonetworks:prisma_cloud:30.02.123
Paloaltonetworks » Prisma Cloud » Version: 30.03.122

cpe:2.3:a:paloaltonetworks:prisma_cloud:30.03.122
Paloaltonetworks » Prisma Cloud » Version: 31.00.129

cpe:2.3:a:paloaltonetworks:prisma_cloud:31.00.129
Paloaltonetworks » Prisma Cloud » Version: 31.01.123

cpe:2.3:a:paloaltonetworks:prisma_cloud:31.01.123
Paloaltonetworks » Prisma Cloud » Version: 31.02.133

cpe:2.3:a:paloaltonetworks:prisma_cloud:31.02.133
Paloaltonetworks » Prisma Cloud » Version: 31.02.137

cpe:2.3:a:paloaltonetworks:prisma_cloud:31.02.137
Paloaltonetworks » Prisma Cloud » Version: 31.03.103

cpe:2.3:a:paloaltonetworks:prisma_cloud:31.03.103
Paloaltonetworks » Prisma Cloud » Version: 31.03.109

cpe:2.3:a:paloaltonetworks:prisma_cloud:31.03.109
Paloaltonetworks » Prisma Cloud » Version: 32

cpe:2.3:a:paloaltonetworks:prisma_cloud:32
Paloaltonetworks » Prisma Cloud » Version: 32.00

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.00
Paloaltonetworks » Prisma Cloud » Version: 32.00.159

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.00.159
Paloaltonetworks » Prisma Cloud » Version: 32.01

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.01
Paloaltonetworks » Prisma Cloud » Version: 32.01.128

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.01.128
Paloaltonetworks » Prisma Cloud » Version: 32.02

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.02
Paloaltonetworks » Prisma Cloud » Version: 32.02.127

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.02.127
Paloaltonetworks » Prisma Cloud » Version: 32.03

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.03
Paloaltonetworks » Prisma Cloud » Version: 32.03.125

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.03.125
Paloaltonetworks » Prisma Cloud » Version: 32.04

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.04
Paloaltonetworks » Prisma Cloud » Version: 32.04.113

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.04.113
Paloaltonetworks » Prisma Cloud » Version: 32.05

cpe:2.3:a:paloaltonetworks:prisma_cloud:32.05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5906

Products

Pricing

Contact Us