CVE-2024-3388
Published 2024-04-10
Priority P4 · 28 · medium · 5 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
EPSS: 0.35% (26.9th percentile)
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | pan-os | >= 10.1.0 < 10.1.11-h4 | 10.1.11-h4 |
| palo_alto_networks | pan-os | >= 10.2.0 < 10.2.7-h3 | 10.2.7-h3 |
| palo_alto_networks | pan-os | >= 11.0.0 < 11.0.3 | 11.0.3 |
| palo_alto_networks | pan-os | >= 8.1.0 < 8.1.26 | 8.1.26 |
| palo_alto_networks | pan-os | >= 9.0.0 < 9.0.17-h4 | 9.0.17-h4 |
| palo_alto_networks | pan-os | >= 9.1.0 < 9.1.17 | 9.1.17 |
| palo_alto_networks | prisma_access | >= 10.2 < 10.2.4 | 10.2.4 |
| paloalto | cloud_ngfw | — | — |
| paloalto | pan-os | — | — |
| paloalto | prisma_access | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | >= 10.1.0 < 10.1.11 | 10.1.11 |
| paloaltonetworks | pan-os | >= 10.2.0 < 10.2.7 | 10.2.7 |
| paloaltonetworks | pan-os | >= 11.0.0 < 11.0.3 | 11.0.3 |
| paloaltonetworks | pan-os | >= 8.1.0 < 8.1.26 | 8.1.26 |
| paloaltonetworks | pan-os | >= 9.0.0 < 9.0.17 | 9.0.17 |
| paloaltonetworks | pan-os | >= 9.1.0 < 9.1.17 | 9.1.17 |
Palo Alto
PAN-OS: User Impersonation in GlobalProtect SSL VPN
vendor_paloalto·2024-04-10·CVSS 5.0
CVE-2024-3388 [MEDIUM] CWE-269 PAN-OS: User Impersonation in GlobalProtect SSL VPN
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets.
Affected products: Cloud NGFW, PAN-OS, Prisma Access
Solution: This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h4, PAN-OS 10.2.7-h3, PAN-OS 11.0.3, and all later PAN-OS versions. This issue is fixed in Prisma Access 10.2.4 and later.
Workaround: You can enable the "Disable Automatic Restoration of SSL VPN" (Network > GlobalProtect Gateways > > GlobalProtect Gateway Configuration > Agent > Connection S
GHSA
GHSA-wmmf-r63x-5jrw: A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and s
ghsa_unreviewed·2024-04-10
CVE-2024-3388 [MEDIUM] CWE-269 GHSA-wmmf-r63x-5jrw: A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and s
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.