A critical vulnerability in Palo Alto Networks PAN-OS CVE-2024-3400

  • 23 April 2024

Hey folks,
 

A critical vulnerability (CVSS: 10) referenced as CVE-2024-3400, impacting a feature in Palo Alto Networks PAN-OS, allows an unauthenticated user to execute code with administrator privileges on the firewall. Please be aware that this vulnerability is actively being exploited.

Affected systems:

  • PAN-OS 11.1.x versions earlier than 11.1.2-h3
  • PAN-OS 11.0.x versions earlier than 11.0.4-h1
  • PAN-OS 10.2.x versions earlier than 10.2.9-h1

Remediation:
Apply security patches, available for certain versions since April 14, 2024.
If the patch is not yet available for the installed version, the workaround is to disable telemetry on the firewall, or enable threat protection with ID 95187 in the "Threat Prevention" function.

More info:

https://security.paloaltonetworks.com/CVE-2024-3400
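
A version check built from the three thresholds listed in the post, as an added example that is not part of the original post or of Palo Alto Networks tooling: it compares the `-hN` hotfix suffix numerically, because plain string comparison misorders builds such as 10.2.10 and 11.1.2-h10. The function names and the inventory are constructed, and the check knows only the branches and builds named in the post; the vendor advisory remains the reference for other branches and later hotfixes.

```python
import re

# First fixed build per branch, taken from the affected-versions list in the post,
# stored as (maintenance, hotfix). Assumption: only these three branches are known.
FIXED = {
    (11, 1): (2, 3),   # 11.1.2-h3
    (11, 0): (4, 1),   # 11.0.4-h1
    (10, 2): (9, 1),   # 10.2.9-h1
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_panos_version(text):
    """Split 'major.minor.maintenance[-hN]' into ((major, minor), (maintenance, hotfix))."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    major, minor, maint = (int(g) for g in m.group(1, 2, 3))
    hotfix = int(m.group(4) or 0)   # no -hN suffix means the base build, hotfix 0
    return (major, minor), (maint, hotfix)


def is_affected(text):
    """True/False for a listed branch; None when the branch is not in the post's list."""
    branch, build = parse_panos_version(text)
    fixed = FIXED.get(branch)
    if fixed is None:
        return None
    return build < fixed            # tuple comparison: maintenance first, then hotfix


def triage(inventory):
    """Map each host to a status label based on its reported PAN-OS version."""
    labels = {True: "AFFECTED", False: "fixed", None: "branch not listed"}
    return {host: labels[is_affected(ver)] for host, ver in inventory.items()}


# Constructed inventory: hostnames and versions are sample values.
INVENTORY = {
    "fw-edge-01": "11.1.2",
    "fw-edge-02": "11.1.2-h10",
    "fw-dc-01": "10.2.10",
    "fw-lab-01": "10.1.11",
}

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host:12} {INVENTORY[host]:12} {status}")
```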


1 comment


Interesting, a vendor that you don't hear much about, but nice to see they have patched the issue. Always liked learning about Palo Alto networking firewalls.
