CVE-2024-3385

Published: Apr 10, 2024Modified: Jan 24, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the following hardware firewall models: - PA-5400 Series firewalls - PA-7000 Series firewalls

Affected (7)

Products: Paloaltonetworks: Pan Os

Paloaltonetworks

1 product

Pan Os

Configuration A

7 vulnerable · 7 platform

Vulnerable Software	Affected Versions
Paloaltonetworks Pan Os	From 10.1.0 to 10.1.12
Paloaltonetworks Pan Os	From 10.2.0 to 10.2.8
Paloaltonetworks Pan Os	From 11.0.0 to 11.0.3
Paloaltonetworks Pan Os	From 9.0.0 to 9.0.16
Paloaltonetworks Pan Os	From 9.1.0 to 9.1.17
Paloaltonetworks Pan Os	Version 9.0.17
Paloaltonetworks Pan Os	Version 9.0.17 h1

Running on/with	Platform Versions
Paloaltonetworks Pa 5410	All versions
Paloaltonetworks Pa 5420	All versions
Paloaltonetworks Pa 5430	All versions
Paloaltonetworks Pa 5440	All versions
Paloaltonetworks Pa 5445	All versions
Paloaltonetworks Pa 7050	All versions
Paloaltonetworks Pa 7080	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-476

NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

References (2)

https://security.paloaltonetworks.com/CVE-2024-3385

Source: psirt@paloaltonetworks.com

Vendor Advisory

https://security.paloaltonetworks.com/CVE-2024-3385

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.