VDB
CVE-2024-3388
CVE-2024-3388
PUBLISHED
Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Ein Fehler im GlobalProtect Gateway ermöglicht es sich als ein anderer Benutzer auszugeben und Netzwerkpakete an interne Anlagen zu senden. Ein authentisierter Angreifer kann diese Schwachstelle ausnutze um Sicherheitsvorkehrungen zu umgehen.
EPSS 0.20% · 41.5th percentile
Risk Scores
EPSS Score
0.20%
41.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PaloAlto Networks | PaloAlto Networks PAN-OS 10.2 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS 9.1 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS 10.1 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS 9.0 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS 8.1 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS 11.0 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS 10.0 |
Exploit Intelligence
- CIRCL seen: CVE-2024-3388 (circl-sighting)
- https://security.paloaltonetworks.com/CVE-2024-3388 (circl)
Timeline
- Apr 10, 2024 CVE Published
- Apr 11, 2024 EPSS Score
- Apr 15, 2024 PoC Published
- May 6, 2024 EPSS Score
- May 31, 2024 EPSS Score
- Jun 26, 2024 EPSS Score
- Jul 21, 2024 EPSS Score
- Aug 1, 2024 CVE Updated
- Aug 15, 2024 EPSS Score
- Sep 9, 2024 EPSS Score
- Oct 4, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0853.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0853 advisory
- https://security.paloaltonetworks.com/CVE-2024-3382 advisory
- https://security.paloaltonetworks.com/CVE-2024-3383 advisory
- https://security.paloaltonetworks.com/CVE-2024-3384 advisory
- https://security.paloaltonetworks.com/CVE-2024-3385 advisory
- https://security.paloaltonetworks.com/CVE-2024-3386 advisory
- https://security.paloaltonetworks.com/CVE-2024-3387 advisory
- https://security.paloaltonetworks.com/CVE-2024-3388 advisory