Palo Alto Networks Security Advisories /CVE-2024-5906CVE-2024-5906 Prisma Cloud Compute: Stored Cross-Site Scripting (XSS) Vulnerability in the Web InterfaceUrgencyMODERATEResponse EffortMODERATERecoveryAUTOMATICValue DensityDIFFUSEAttack VectorNETWORKAttack ComplexityLOWAttack RequirementsNONEAutomatableNOUser InteractionPASSIVEProduct ConfidentialityLOWProduct IntegrityLOWProduct AvailabilityNONEPrivileges RequiredHIGHSubsequent ConfidentialityNONESubsequent IntegrityNONESubsequent AvailabilityNONENVDJSON Published2024-06-12 Updated2024-06-12ReferenceCWP-56273DiscoveredexternallyDescriptionA cross-site scripting (XSS) vulnerability in Palo Alto Networks Prisma Cloud Compute software enables a malicious administrator with add/edit permissions for identity providers to store a JavaScript payload using the web interface on Prisma Cloud Compute. This enables a malicious administrator to perform actions in the context of another user's browser when accessed by that other user.Product StatusVersionsAffectedUnaffectedPrisma Cloud Compute 32< 32.05 (O’Neal - Update 5)>= 32.05 (O’Neal - Update 5)Severity:MEDIUMCVSSv4.0Base Score:4.8 (CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber)Exploitation StatusPalo Alto Networks is not aware of any malicious exploitation of this issue.Weakness TypeCWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')SolutionThis issue is fixed in Prisma Cloud Compute 32.05 (O'Neal - Update 5) and all later versions.AcknowledgmentsPalo Alto Networks thanks Tomasz Stachowicz for discovering and reporting this issue.Timeline2024-06-12Initial publication
