admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-33xx/CVE-2024-3388.json
cad-safe-bot b8e02dcf26 Auto-Update: 2025-01-24T17:00:32.072783+00:00
2025-01-24 17:03:56 +00:00

212 lines
7.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-3388",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-04-10T17:15:57.970",
"lastModified": "2025-01-24T16:16:18.310",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets."
},
{
"lang": "es",
"value": "Una vulnerabilidad en GlobalProtect Gateway del software PAN-OS de Palo Alto Networks permite que un atacante autenticado se haga pasar por otro usuario y env\u00ede paquetes de red a recursos internos. Sin embargo, esta vulnerabilidad no permite que el atacante reciba paquetes de respuesta de esos recursos internos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndExcluding": "8.1.26",
"matchCriteriaId": "E37C0550-B96B-4A7F-A330-F2D7F4756D8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.0.17",
"matchCriteriaId": "89A55C5F-8E01-42C4-BE93-D683900C07BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndExcluding": "9.1.17",
"matchCriteriaId": "9F9FFBA6-7008-422B-9CF1-E37CA62081EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.11",
"matchCriteriaId": "77695C8C-9732-4605-A160-A5159BD8B49C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.7",
"matchCriteriaId": "243077CD-5021-4DF3-8AC7-5B14F7FD9710"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.3",
"matchCriteriaId": "A6B9B8A6-A4A7-4C14-9D22-50FEF531F15D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:-:*:*:*:*:*:*",
"matchCriteriaId": "CDAE9753-EF8D-4B15-A73C-0EF56FE6C78C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h1:*:*:*:*:*:*",
"matchCriteriaId": "2A142EE1-E516-4582-9A7E-6E4C74FB3991"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:*",
"matchCriteriaId": "F6242E26-AF44-4A19-ADD3-CBB798A862D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:*",
"matchCriteriaId": "72EF4202-7A13-4528-B928-CC34B76725B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:*",
"matchCriteriaId": "8E58BF5C-037D-45B1-8867-D510EC0F80B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
"matchCriteriaId": "A8C42D98-CF8F-456B-9D57-80BBDC2C8E74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
"matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:prisma_access:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB6FBC7-DEEB-4571-BCF9-92345A4B614A"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3388",
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3388",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink