CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
28.0%
The Palo Alto Networks Product Security Assurance team has evaluated CVE-2024-47076, CVE-2024-47177, CVE-2024-47175, and CVE-2024-47176 in the Common UNIX Printing System (CUPS) as they relate to our products.
Based on current information, Palo Alto Networks products and cloud services do not contain affected CUPS-related software packages and are not impacted by these issues.
Work around:
Customers who decide to block CUPS traffic can create a Security policy rule (Policies > Security) that targets the “cups” application. Refer to the information about creating Security policy rules: https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/policy/security-policy/create-a-security-policy-rule
Vendor | Product | Version | CPE |
---|---|---|---|
software | cloud_ngfw | * | cpe:2.3:a:software:cloud_ngfw:*:*:*:*:*:*:*:* |
software | cortex_xdr | * | cpe:2.3:a:software:cortex_xdr:*:*:*:*:*:*:*:* |
software | cortex_xdr_agent | * | cpe:2.3:a:software:cortex_xdr_agent:*:*:*:*:*:*:*:* |
software | globalprotect_app | * | cpe:2.3:a:software:globalprotect_app:*:*:*:*:*:*:*:* |
software | cortex_xsiam | * | cpe:2.3:a:software:cortex_xsiam:*:*:*:*:*:*:*:* |
software | cortex_xsoar | * | cpe:2.3:a:software:cortex_xsoar:*:*:*:*:*:*:*:* |
software | pan-os | * | cpe:2.3:a:software:pan-os:*:*:*:*:*:*:*:* |
software | prisma_access | * | cpe:2.3:a:software:prisma_access:*:*:*:*:*:*:*:* |
software | prisma_access_browser | * | cpe:2.3:a:software:prisma_access_browser:*:*:*:*:*:*:*:* |