CVE 10.0 vulnerability in PAN-OS

security.paloaltonetworks.com

cross-posted to:
blueteamsec
cybersecurity

CVE 10.0 vulnerability in PAN-OS

security.paloaltonetworks.com

@bOtM to Technical Information Security Content & Discussion • 6 months ago

cross-posted to:
blueteamsec
cybersecurity

CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect Gateway

security.paloaltonetworks.com

A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated atta...

The original post: /r/netsec by /u/kerubi on 2024-04-12 09:29:52.

This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with the configurations for both GlobalProtect gateway and device telemetry enabled.

No patch yet, apply mitigations. Actively exploited.

You must log in or register to comment.

Chat