CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-3386 – PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
https://notcve.org/view.php?id=CVE-2024-3386
An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption. • https://security.paloaltonetworks.com/CVE-2024-3386 • CWE-436: Interpretation Conflict •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-3385 – PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
https://notcve.org/view.php?id=CVE-2024-3385
A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the following hardware firewall models: - PA-5400 Series firewalls - PA-7000 Series firewalls • https://security.paloaltonetworks.com/CVE-2024-3385 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-3383 – PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
https://notcve.org/view.php?id=CVE-2024-3383
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules. • https://security.paloaltonetworks.com/CVE-2024-3383 • CWE-282: Improper Ownership Management •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 2CVE-2024-2433 – PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss
https://notcve.org/view.php?id=CVE-2024-2433
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images. This issue affects only the web interface of the management plane; the dataplane is unaffected. Una vulnerabilidad de autorización inadecuada en el software Panorama de Palo Alto Networks permite que un administrador autenticado de solo lectura cargue archivos utilizando la interfaz web y llene completamente una de las particiones del disco con esos archivos cargados, lo que impide iniciar sesión en la interfaz web o descargarlos. PAN-OS, WildFire e imágenes de contenido. Este problema afecta únicamente a la interfaz web del plano de gestión; el plano de datos no se ve afectado. • https://github.com/nitipoom-jar/CVE-2024-24337 https://github.com/nitipoom-jar/CVE-2024-24336 https://security.paloaltonetworks.com/CVE-2024-2433 • CWE-269: Improper Privilege Management •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-0009 – PAN-OS: Improper IP Address Verification in GlobalProtect Gateway
https://notcve.org/view.php?id=CVE-2024-0009
An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address. Una vulnerabilidad de verificación incorrecta en la función de puerta de enlace GlobalProtect del software PAN-OS de Palo Alto Networks permite a un usuario malintencionado con credenciales robadas establecer una conexión VPN desde una dirección IP no autorizada. • https://security.paloaltonetworks.com/CVE-2024-0009 • CWE-940: Improper Verification of Source of a Communication Channel •