← Voltar para CVEs
CVE-2024-3393
HIGHCISA KEV7.5
Descricao
A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Detalhes CVE
Pontuacao CVSS v3.17.5
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado12/27/2024
Ultima modificacao11/4/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorPalo Alto Networks
ProdutoPAN-OS
Nome da vulnerabilidadePalo Alto Networks PAN-OS Malicious DNS Packet Vulnerability
Data inclusao KEV2024-12-30
Prazo de remediacao2025-01-20
Uso em ransomwareUnknown
Produtos afetados
paloaltonetworks:pan-ospaloaltonetworks:prisma_access
Fraquezas (CWE)
CWE-754CWE-754
Referencias
https://security.paloaltonetworks.com/CVE-2024-3393(psirt@paloaltonetworks.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-3393(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.