CVE-2024-3384

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2024-3384	Vendor Advisory
https://security.paloaltonetworks.com/CVE-2024-3384	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:-::::::

History

24 Jan 2025, 15:54

Type	Values Removed	Values Added
References	~~() https://security.paloaltonetworks.com/CVE-2024-3384 -~~	() https://security.paloaltonetworks.com/CVE-2024-3384 - Vendor Advisory
CPE		cpe:2.3:o:paloaltonetworks:pan-os:::::::: cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:-::::::
CWE		NVD-CWE-Other
First Time		Paloaltonetworks Paloaltonetworks pan-os

21 Nov 2024, 09:29

Type	Values Removed	Values Added
References	~~() https://security.paloaltonetworks.com/CVE-2024-3384 -~~	() https://security.paloaltonetworks.com/CVE-2024-3384 -
Summary		(es) Una vulnerabilidad en el software PAN-OS de Palo Alto Networks permite a un atacante remoto reiniciar los firewalls PAN-OS cuando recibe paquetes de Windows New Technology LAN Manager (NTLM) de servidores Windows. Los ataques repetidos eventualmente hacen que el firewall entre en modo de mantenimiento, lo que requiere una intervención manual para volver a ponerlo en línea.

10 Apr 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-10 17:15

Updated : 2025-01-24 15:54

NVD link : CVE-2024-3384

Mitre link : CVE-2024-3384

CVE.ORG link : CVE-2024-3384

JSON object : View

Products Affected

paloaltonetworks

pan-os

CWE

CWE-1286

Improper Validation of Syntactic Correctness of Input

NVD-CWE-Other

{"id": "CVE-2024-3384", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-04-10T17:15:57.217", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-3384", "tags": ["Vendor Advisory"], "source": "psirt@paloaltonetworks.com"}, {"url": "https://security.paloaltonetworks.com/CVE-2024-3384", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-1286"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online."}, {"lang": "es", "value": "Una vulnerabilidad en el software PAN-OS de Palo Alto Networks permite a un atacante remoto reiniciar los firewalls PAN-OS cuando recibe paquetes de Windows New Technology LAN Manager (NTLM) de servidores Windows. Los ataques repetidos eventualmente hacen que el firewall entre en modo de mantenimiento, lo que requiere una intervenci\u00f3n manual para volver a ponerlo en l\u00ednea."}], "lastModified": "2025-01-24T15:54:56.557", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7D77695-CFDE-4BAE-8C8B-E389CC5C7A3F", "versionEndExcluding": "8.1.24", "versionStartIncluding": "8.1.0"}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89A55C5F-8E01-42C4-BE93-D683900C07BE", "versionEndExcluding": "9.0.17", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88CE0E44-13FF-4FD0-94D2-0C0823A7A70E", "versionEndExcluding": "9.1.15", "versionStartIncluding": "9.1.0"}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71F1F86A-8158-4BE8-B509-5F50421DA829", "versionEndExcluding": "10.0.12", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D461A2C-0DD3-4E11-B3BB-ECDFAE85064A"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@paloaltonetworks.com"}

7.5 /10