← Zuruck zu CVEs
CVE-2024-3393
HIGHCISA KEV7.5
Beschreibung
A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
CVE Details
CVSS v3.1 Bewertung7.5
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht12/27/2024
Zuletzt geandert11/4/2025
Quellekev
Honeypot-Sichtungen0
CISA KEV
HerstellerPalo Alto Networks
ProduktPAN-OS
SchwachstellennamePalo Alto Networks PAN-OS Malicious DNS Packet Vulnerability
KEV Aufnahmedatum2024-12-30
Behebungsfrist2025-01-20
Ransomware-NutzungUnknown
Betroffene Produkte
paloaltonetworks:pan-ospaloaltonetworks:prisma_access
Schwachen (CWE)
CWE-754CWE-754
Referenzen
https://security.paloaltonetworks.com/CVE-2024-3393(psirt@paloaltonetworks.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-3393(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.