{ "id": "CVE-2024-3400", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-12T08:15:06.230", "lastModified": "2024-05-29T16:00:24.093", "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2024-04-12", "cisaActionDue": "2024-04-19", "cisaRequiredAction": "Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.", "cisaVulnerabilityName": "Palo Alto Networks PAN-OS Command Injection Vulnerability", "descriptions": [ { "lang": "en", "value": "A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability." }, { "lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de comandos, resultado de la creaci\u00f3n arbitraria de archivos, en la funci\u00f3n GlobalProtect del software PAN-OS de Palo Alto Networks para versiones espec\u00edficas de PAN-OS y configuraciones de funciones distintas puede permitir que un atacante no autenticado ejecute c\u00f3digo arbitrario con privilegios de root en el firewall. Cloud NGFW, dispositivos Panorama y Prisma Access no se ven afectados por esta vulnerabilidad." 
} ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL" }, "exploitabilityScore": 3.9, "impactScore": 6.0 }, { "source": "psirt@paloaltonetworks.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL" }, "exploitabilityScore": 3.9, "impactScore": 6.0 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-77" } ] }, { "source": "psirt@paloaltonetworks.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-20" }, { "lang": "en", "value": "CWE-77" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*", "matchCriteriaId": "F54B40AC-A555-4447-B147-576D17CAB12A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*", "matchCriteriaId": "BEC5E9D4-1B58-4C89-8B68-47F996C04234" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*", "matchCriteriaId": "DDDEB31F-EFDD-4A66-9687-7FFCF8EFDAAF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*", "matchCriteriaId": "9C664207-FA80-467E-853B-CBF61F01115F" }, { "vulnerable": true, "criteria": 
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*", "matchCriteriaId": "0F30A71D-281E-4BF8-803F-05B517399C6A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*", "matchCriteriaId": "5CB7F608-4F03-46EF-A27E-4C8F5363FF5E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*", "matchCriteriaId": "2269819F-11BD-482C-B8D2-96A9C7AD54D4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*", "matchCriteriaId": "33340036-0E81-41CD-AFC4-480F509F8DD2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*", "matchCriteriaId": "5D7986DC-187D-4798-8B4A-7D23DF0EE0C8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*", "matchCriteriaId": "9D1FAC78-7714-48EC-9FDB-1A565814B958" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*", "matchCriteriaId": "4B86668F-7BC5-4F50-AE80-E99F6DE370D7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*", "matchCriteriaId": "0E4172BC-EA53-4E01-B14D-BA897EBA2EAE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*", "matchCriteriaId": "98F219AD-A22F-47AC-88FE-B3F75AE059AC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*", "matchCriteriaId": "A79C13FD-C909-4FEE-AE24-A085E953D887" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*", "matchCriteriaId": "A7FCFB45-1150-4F9C-8E4B-3DB2ADE89454" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*", "matchCriteriaId": "0D4B4DCE-1593-4F8A-A461-A41290FE0041" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*", "matchCriteriaId": "50F0801B-FC9F-4018-A837-CAB8CB9C9CD4" }, { "vulnerable": true, 
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*", "matchCriteriaId": "C8C4AC1F-4FF0-4500-AFBB-F29613358156" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*", "matchCriteriaId": "6FE16CA7-422A-4A53-8DDC-CB3A982C154F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*", "matchCriteriaId": "135588B5-6771-46A3-98B0-39B4873FD6FD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*", "matchCriteriaId": "6ADF2A5B-DC55-44B1-A033-4A29C32AB5B1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*", "matchCriteriaId": "A17FE6D6-E0C3-4E82-A721-75C4E8001984" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*", "matchCriteriaId": "20673F1E-733D-41C4-A644-C482431C26EC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*", "matchCriteriaId": "156DA55E-4152-47BF-A067-136EEC9ADE22" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*", "matchCriteriaId": "C2D2F5C4-7ACC-4514-ADBD-3948158B93CC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*", "matchCriteriaId": "AEE36B5C-262E-42B0-B3C1-5EAA003E84B7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*", "matchCriteriaId": "619AD3DA-9384-4CC5-9F3D-66DB5A055BCB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*", "matchCriteriaId": "1360C403-BCD8-420E-B907-4127E12B3A3A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*", "matchCriteriaId": "22206C8D-A8E8-4947-A277-F3256FD5D8ED" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*", "matchCriteriaId": "B3AF86BD-C317-45C7-96B6-34BD82579FDB" }, { "vulnerable": 
true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*", "matchCriteriaId": "09F61A78-1B7C-41F1-A0D8-0AB1E7ADF68C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*", "matchCriteriaId": "7B7C37B3-EDA9-45D9-94A2-E7B24BA6C887" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*", "matchCriteriaId": "A8C42D98-CF8F-456B-9D57-80BBDC2C8E74" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*", "matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*", "matchCriteriaId": "776E06EC-2FDA-4664-AB43-9F6BE9B897CA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*", "matchCriteriaId": "CBE09375-A863-42FF-813F-C20679D7C45C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*", "matchCriteriaId": "1311961A-0EF6-488E-B0C2-EDBD508587C9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*", "matchCriteriaId": "5D64390F-F870-4DBF-B0FE-BCDFE58C8685" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*", "matchCriteriaId": "CBA2B4FA-16C2-41B9-856D-EDC0CAF7A164" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*", "matchCriteriaId": "D814F3A3-5E9D-426D-A654-1346D9ECE9B3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*", "matchCriteriaId": "8C7E9211-7041-4720-B4B9-3EA95D425263" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "8BB72E15-486F-491F-A08D-E1AC2C8AB121" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*", "matchCriteriaId": "B5E7EFD5-2179-45BF-BF5B-197B66903D9C" }, { "vulnerable": 
true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*", "matchCriteriaId": "3EF4AE4F-36F3-4923-AE1E-DE9E036D4E2F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*", "matchCriteriaId": "10587864-8777-40F9-B162-BFBFAB8F5E06" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*", "matchCriteriaId": "10A69DAE-5AD5-4E1C-9DF0-C7B7BB023B66" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*", "matchCriteriaId": "DFAA23E0-232D-42AA-A5A9-87063348D0DF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*", "matchCriteriaId": "50EA3EAC-91BD-4B30-A885-BED95B48CC3F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*", "matchCriteriaId": "FD0CC02E-6079-4094-A355-E3300D7D4DD1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*", "matchCriteriaId": "C25AD9EA-7DDC-4704-9D7C-A1D6C1F5F696" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*", "matchCriteriaId": "2416C2EF-1085-493D-84D7-18F7577D4A01" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*", "matchCriteriaId": "5E1D99D8-300C-4985-835C-3EBA2BFC098B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*", "matchCriteriaId": "8B689FAD-0469-4222-A7EF-3268CCDA43A7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*", "matchCriteriaId": "CB3F7D3E-1479-435B-9249-F8F963440D0A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*", "matchCriteriaId": "D27A5944-FCD8-44AB-9986-0FCA24E81F5B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*", "matchCriteriaId": "B4425F47-446D-49C1-AAC9-5F5B7E5422A6" }, { "vulnerable": 
true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*", "matchCriteriaId": "CC74ECE3-4F2C-450C-A781-16B1E53AF960" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*", "matchCriteriaId": "A0ED8E63-B8F0-482A-A8A9-13C21D60EEB9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*", "matchCriteriaId": "9110DBFB-07D6-4D64-A8AA-C0E7A7037A87" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*", "matchCriteriaId": "723956E9-11FD-42A0-8A35-C1FDE9E1877C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*", "matchCriteriaId": "5601B7E0-68C9-4226-AA3D-D20012F6394B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*", "matchCriteriaId": "82FBA0C5-1385-42DD-A85D-DA1D818D0EF3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*", "matchCriteriaId": "6FAC22EB-FB4C-4E9D-99A1-D4902262ED06" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*", "matchCriteriaId": "B3D65F1C-B055-408E-B7F2-512F13BEDCA6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*", "matchCriteriaId": "B1B284FD-575E-46EA-95D8-D9E5FBBA8229" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*", "matchCriteriaId": "2DC41D6E-8632-44BB-BC05-7C22A02306A2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*", "matchCriteriaId": "AF099226-A77E-4FDC-A044-8CA46D015C2C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "5F7627B3-A463-4570-BA23-663FEB7B4A8B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*", "matchCriteriaId": "275872C1-1EBB-4447-8C9F-347F757BFF42" }, { "vulnerable": 
true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*", "matchCriteriaId": "4F36A8CA-4B15-4A88-BA51-2346506DE6E5" } ] } ] } ], "references": [ { "url": "https://security.paloaltonetworks.com/CVE-2024-3400", "source": "psirt@paloaltonetworks.com", "tags": [ "Vendor Advisory" ] }, { "url": "https://unit42.paloaltonetworks.com/cve-2024-3400/", "source": "psirt@paloaltonetworks.com", "tags": [ "Exploit", "Vendor Advisory" ] }, { "url": "https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/", "source": "psirt@paloaltonetworks.com", "tags": [ "Technical Description", "Vendor Advisory" ] }, { "url": "https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/", "source": "psirt@paloaltonetworks.com", "tags": [ "Exploit", "Third Party Advisory" ] } ] }