CVE-2024-5911 – PAN-OS: File Upload Vulnerability in the Panorama Web Interface
https://notcve.org/view.php?id=CVE-2024-5911
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online. Una vulnerabilidad de carga de archivos arbitraria en el software Panorama de Palo Alto Networks permite que un administrador de lectura y escritura autenticado con acceso a la interfaz web interrumpa los procesos del sistema y bloquee Panorama. Los ataques repetidos eventualmente hacen que Panorama entre en modo de mantenimiento, lo que requiere intervención manual para volver a ponerlo en línea. • https://security.paloaltonetworks.com/CVE-2024-5911 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-3388 – PAN-OS: User Impersonation in GlobalProtect SSL VPN
https://notcve.org/view.php?id=CVE-2024-3388
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets. • https://github.com/Grantzile/PoC-CVE-2024-33883 https://security.paloaltonetworks.com/CVE-2024-3388 • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •
CVE-2024-3387 – PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2024-3387
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls. • https://security.paloaltonetworks.com/CVE-2024-3387 • CWE-326: Inadequate Encryption Strength •
CVE-2024-3386 – PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
https://notcve.org/view.php?id=CVE-2024-3386
An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption. • https://security.paloaltonetworks.com/CVE-2024-3386 • CWE-436: Interpretation Conflict •
CVE-2024-3385 – PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
https://notcve.org/view.php?id=CVE-2024-3385
A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the following hardware firewall models: - PA-5400 Series firewalls - PA-7000 Series firewalls • https://security.paloaltonetworks.com/CVE-2024-3385 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •