CVE-2024-3384

Summary

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPAN-OS8.1.0 < 8.1.24affected
Palo Alto NetworksPAN-OS9.0.0 < 9.0.17affected
Palo Alto NetworksPAN-OS9.1.0 < 9.1.15-h1affected
Palo Alto NetworksPAN-OS10.0.0 < 10.0.12affected
Palo Alto NetworksPAN-OS10.1.0unaffected
Palo Alto NetworksPAN-OS10.2.0unaffected
Palo Alto NetworksPAN-OS11.0.0unaffected
Palo Alto NetworksPAN-OS11.1.0unaffected
Palo Alto NetworksCloud NGFWAllunaffected
Palo Alto NetworksPrisma AccessAllunaffected

Weaknesses

  • CWE-1286: CWE-1286 Improper Validation of Syntactic Correctness of Input

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References