nvd-json-data-feeds/CVE-2024/CVE-2024-59xx/CVE-2024-5905.json

{
  "id": "CVE-2024-5905",
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "published": "2024-06-12T17:15:52.847",
  "lastModified": "2024-08-07T17:24:34.367",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability."
    },
    {
      "lang": "es",
      "value": "Un problema con un mecanismo de protecci\u00f3n en el agente Cortex XDR de Palo Alto Networks en dispositivos Windows permite que un usuario local de Windows con pocos privilegios interrumpa algunas funciones del agente. Sin embargo, no pueden interrumpir los mecanismos de protecci\u00f3n del agente Cortex XDR utilizando esta vulnerabilidad."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber",
          "attackVector": "LOCAL",
          "attackComplexity": "HIGH",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnerableSystemConfidentiality": "NONE",
          "vulnerableSystemIntegrity": "LOW",
          "vulnerableSystemAvailability": "LOW",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "subsequentSystemAvailability": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirements": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "automatable": "YES",
          "recovery": "USER",
          "valueDensity": "DIFFUSE",
          "vulnerabilityResponseEffort": "MODERATE",
          "providerUrgency": "AMBER",
          "baseScore": 2.0,
          "baseSeverity": "LOW"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 2.5
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    },
    {
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-346"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:content_update:*:*:*",
              "versionStartIncluding": "7.9.0",
              "versionEndExcluding": "7.9.102",
              "matchCriteriaId": "09772885-7300-4BB8-8E6B-D4CE4474D479"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "8.1",
              "versionEndExcluding": "8.1.2",
              "matchCriteriaId": "D085EDE6-405B-4AC0-9C86-0104B6FA3AE0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "8.2",
              "versionEndExcluding": "8.2.1",
              "matchCriteriaId": "0BB9F55A-17D4-47B4-AFCE-EE2AB1B67FF5"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://security.paloaltonetworks.com/CVE-2024-5905",
      "source": "psirt@paloaltonetworks.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}