VDB
BDU%3A2024-02881
BDU%3A2024-02881
PUBLISHED
CVSS 10 CRITICAL
Уязвимость функции GlobalProtect операционной системы PAN-OS, позволяющая нарушителю выполнить произвольный код с root-привилегиями
Risk Scores
CVSS 3.1
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Palo Alto Networks | PAN-OS | 10.2.0, 11.0.0, 11.1.0 |
| Palo Alto Networks | Cloud NGFW | All |
| Palo Alto Networks | Prisma Access | All |
| paloaltonetworks | pan-os | 10.2.0, 11.0.0, 11.1.0 |
| Palo Alto Networks Inc. | PAN-OS |
Timeline
- Apr 12, 2024 CVE Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
- Apr 12, 2024 PoC Published
References
- https://security.paloaltonetworks.com/CVE-2024-3400 url
- https://unit42.paloaltonetworks.com/cve-2024-3400/ url
- https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/ url
- https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv url
- https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/ url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-3400 url