CVE-2024-3384 — Improper Validation of Syntactic Correctness of Input in Palo Alto Networks Pan-os

CWE-1286 — Improper Validation of Syntactic Correctness of Input4 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.7%

top 27.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloaltonetworks Pan-os Paloalto Cloud Ngfw +2 more

Timeline

PublishedApr 10

Description

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

▶NVDpaloaltonetworks/pan-os8.1.0 — 8.1.24+4

▶CVEListV5palo_alto_networks/pan-os8.1.0 — 8.1.24+3

▶Palo Altopaloalto/pan-os

▶Palo Altopaloalto/cloud_ngfw

▶Palo Altopaloalto/prisma_access

🔴Vulnerability Details

CVEList

PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets↗2024-04-10

▶

GHSA

GHSA-hwc4-2rmw-hcvq: A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN M↗2024-04-10

▶

📋Vendor Advisories

Palo Alto

PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets↗2024-04-10

▶