CVE-2024-9468

Published: Oct 9, 2024Modified: Dec 1, 2025

8.2

Vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:L/U:Amber

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:L/U:AmberShow less

Source: psirt@paloaltonetworks.com (Secondary)

Description

A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.

Affected (65)

Products: Paloaltonetworks: Pan Os

Paloaltonetworks

1 product

Pan Os

Configuration A

65 vulnerable

Vulnerable Software	Affected Versions
Paloaltonetworks Pan Os	From 10.2.0 to 10.2.4
Paloaltonetworks Pan Os	From 10.2.5 to 10.2.7
Paloaltonetworks Pan Os	From 11.0.0 to 11.0.4
Paloaltonetworks Pan Os	From 11.0.5 to 11.0.6
Paloaltonetworks Pan Os	From 11.1.0 to 11.1.3
Paloaltonetworks Pan Os	Version 10.2.10
Paloaltonetworks Pan Os	Version 10.2.10 h1
Paloaltonetworks Pan Os	Version 10.2.10 h2
Paloaltonetworks Pan Os	Version 10.2.10 h3
Paloaltonetworks Pan Os	Version 10.2.4
Paloaltonetworks Pan Os	Version 10.2.4 h10
Paloaltonetworks Pan Os	Version 10.2.4 h16
Paloaltonetworks Pan Os	Version 10.2.4 h2
Paloaltonetworks Pan Os	Version 10.2.4 h3
Paloaltonetworks Pan Os	Version 10.2.4 h4
Paloaltonetworks Pan Os	Version 10.2.7
Paloaltonetworks Pan Os	Version 10.2.7 h10
Paloaltonetworks Pan Os	Version 10.2.7 h11
Paloaltonetworks Pan Os	Version 10.2.7 h12
Paloaltonetworks Pan Os	Version 10.2.7 h13
Paloaltonetworks Pan Os	Version 10.2.7 h14
Paloaltonetworks Pan Os	Version 10.2.7 h15
Paloaltonetworks Pan Os	Version 10.2.7 h16
Paloaltonetworks Pan Os	Version 10.2.7 h17
Paloaltonetworks Pan Os	Version 10.2.7 h18
Paloaltonetworks Pan Os	Version 10.2.7 h19
Paloaltonetworks Pan Os	Version 10.2.7 h1
Paloaltonetworks Pan Os	Version 10.2.7 h20
Paloaltonetworks Pan Os	Version 10.2.7 h21
Paloaltonetworks Pan Os	Version 10.2.7 h22
Paloaltonetworks Pan Os	Version 10.2.7 h23
Paloaltonetworks Pan Os	Version 10.2.7 h2
Paloaltonetworks Pan Os	Version 10.2.8
Paloaltonetworks Pan Os	Version 10.2.8 h10
Paloaltonetworks Pan Os	Version 10.2.8 h11
Paloaltonetworks Pan Os	Version 10.2.8 h12
Paloaltonetworks Pan Os	Version 10.2.8 h13
Paloaltonetworks Pan Os	Version 10.2.8 h14
Paloaltonetworks Pan Os	Version 10.2.8 h15
Paloaltonetworks Pan Os	Version 10.2.8 h16
Paloaltonetworks Pan Os	Version 10.2.8 h17
Paloaltonetworks Pan Os	Version 10.2.8 h18
Paloaltonetworks Pan Os	Version 10.2.8 h19
Paloaltonetworks Pan Os	Version 10.2.8 h1
Paloaltonetworks Pan Os	Version 10.2.8 h2
Paloaltonetworks Pan Os	Version 10.2.8 h3
Paloaltonetworks Pan Os	Version 10.2.8 h4
Paloaltonetworks Pan Os	Version 10.2.8 h5
Paloaltonetworks Pan Os	Version 10.2.8 h6
Paloaltonetworks Pan Os	Version 10.2.8 h7
Paloaltonetworks Pan Os	Version 10.2.8 h8
Paloaltonetworks Pan Os	Version 10.2.8 h9
Paloaltonetworks Pan Os	Version 10.2.9
Paloaltonetworks Pan Os	Version 10.2.9 h1
Paloaltonetworks Pan Os	Version 10.2.9 h2
Paloaltonetworks Pan Os	Version 10.2.9 h3
Paloaltonetworks Pan Os	Version 10.2.9 h4
Paloaltonetworks Pan Os	Version 10.2.9 h5
Paloaltonetworks Pan Os	Version 10.2.9 h6
Paloaltonetworks Pan Os	Version 10.2.9 h7
Paloaltonetworks Pan Os	Version 10.2.9 h8
Paloaltonetworks Pan Os	Version 10.2.9 h9
Paloaltonetworks Pan Os	Version 11.0.4
Paloaltonetworks Pan Os	Version 11.0.4 h1
Paloaltonetworks Pan Os	Version 11.0.4 h2

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (1)

https://security.paloaltonetworks.com/CVE-2024-9468

Source: psirt@paloaltonetworks.com

Vendor Advisory

Timeline

No history available yet.