CVE-2024-5919 Information

Description

A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.

Reference

https://security.paloaltonetworks.com/CVE-2024-5919