CVE-2024-47076 Informational: No Impact of CUPS Vulnerabilities on Palo Alto Networks Products (original) (raw)
Palo Alto Networks Security Advisories /CVE-2024-47076
Informational
Published2024-09-26
Updated2024-09-26
Reference
Description
The Palo Alto Networks Product Security Assurance team has evaluated CVE-2024-47076, CVE-2024-47177, CVE-2024-47175, and CVE-2024-47176 in the Common UNIX Printing System (CUPS) as they relate to our products.
Based on current information, Palo Alto Networks products and cloud services do not contain affected CUPS-related software packages and are not impacted by these issues.
CVE | Summary |
---|---|
CVE-2024-47076 | The listed products do not contain affected CUPS-related software packages and are not impacted by this issue. |
CVE-2024-47177 | The listed products do not contain affected CUPS-related software packages and are not impacted by this issue. |
CVE-2024-47175 | The listed products do not contain affected CUPS-related software packages and are not impacted by this issue. |
CVE-2024-47176 | The listed products do not contain affected CUPS-related software packages and are not impacted by this issue. |
Product Status
Versions | Affected | Unaffected |
---|---|---|
Cloud NGFW | None | All |
Cortex XDR | None | All |
Cortex XDR Agent | None | All |
Cortex XSIAM | None | All |
Cortex XSOAR | None | All |
GlobalProtect App | None | All |
PAN-OS | None | All |
Prisma Access | None | All |
Prisma Access Browser | None | All |
Prisma Cloud | None | All |
Prisma Cloud Compute | None | All |
Prisma SD-WAN | None | All |
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Solution
No software updates are required at this time.
Workarounds and Mitigations
Customers who decide to block CUPS traffic can create a Security policy rule (Policies > Security) that targets the "cups" application. Refer to the information about creating Security policy rules: https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/policy/security-policy/create-a-security-policy-rule
Acknowledgments
Palo Alto Networks thanks Simone Margaritelli (@evilsocket) for discovering and reporting this vulnerability.
Palo Alto Networks thanks CERT/CC for coordinating the disclosure of this vulnerability.
Timeline
2024-09-26 Initial publication