Upgrade Palo Alto Firewall and GlobalProtect for November 2024 CVE

By Rackspace Technology Security Team

On 18 November 2024, Palo Alto Networks issued two security advisories, CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) and CVE-2024-9474 PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface.  

Rackspace Technology and Palo Alto Networks have proactively reviewed our customers and verified the risk is low due to compensating controls protecting our customer firewall web management interfaces. 

Palo Alto Networks has released interim updates as their preferred release to address these vulnerabilities. Rackspace will be contacting customers via ticket to mitigate these vulnerabilities. Please open a ticket for a Rackspace support team to assist if you have any questions.

An additional Global Protect vulnerability, CVE-2024-9473, was announced for GlobalProtect App: Local Privilege Escalation (PE) Vulnerability. Global Protect can be upgraded by our support staff to version 6.1.4-c720. 

 

For more information see: 

https://security.paloaltonetworks.com/CVE-2024-0012 

https://security.paloaltonetworks.com/CVE-2024-9474 

https://security.paloaltonetworks.com/CVE-2024-9473 

A red image with text "Subscribe to the Rackspace Insights Newsletter" with a "Subscribe now" button. A mail icon is positioned to the right of the text.

Blog Links

Rackspace Insights

FAIR AI Insights

Newsroom

Investor Relations

Media Kit

Contact the Rackspace Technology team for more information

Contact Us