admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-34xx/CVE-2024-3400.json
cad-safe-bot 021b8ca3f1 Auto-Update: 2024-04-13T02:00:38.182295+00:00
2024-04-13 02:03:27 +00:00

59 lines
2.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-3400",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-04-12T08:15:06.230",
"lastModified": "2024-04-13T01:00:01.407",
"vulnStatus": "Awaiting Analysis",
"cisaExploitAdd": "2024-04-12",
"cisaActionDue": "2024-04-19",
"cisaRequiredAction": "Users of affected devices should enable Threat Prevention Threat ID 95187 if that is available, otherwise, disable device telemetry until patches are available from the vendor, per vendor instructions.",
"cisaVulnerabilityName": "Palo Alto Networks PAN-OS Command Injection Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nFixes for PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 are in development and are expected to be released by April 14, 2024. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. All other versions of PAN-OS are also not impacted."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3400",
"source": "psirt@paloaltonetworks.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink