CVE-2024-5905

EUVD-2024-47037
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
Affected Products (NVD)
VendorProductVersion
paloaltonetworkscortex_xdr_agent
7.9.0 ≤
𝑥
< 7.9.102
paloaltonetworkscortex_xdr_agent
8.1 ≤
𝑥
< 8.1.2
paloaltonetworkscortex_xdr_agent
8.2 ≤
𝑥
< 8.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.paloaltonetworks.com/CVE-2024-5905
https://security.paloaltonetworks.com/CVE-2024-5905