Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-3382

A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.

Published

2024-04-10T17:15:56.793

Last Modified

2025-01-22T15:44:24.527

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-770
Type: Primary
CWE-401

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	paloaltonetworks	pan-os	< 10.2.7	Yes
Operating System	paloaltonetworks	pan-os	< 11.0.4	Yes
Operating System	paloaltonetworks	pan-os	< 11.1.2	Yes
Operating System	paloaltonetworks	pan-os	10.2.7	Yes
Operating System	paloaltonetworks	pan-os	10.2.7	Yes
Hardware	paloaltonetworks	pa-5410	-	No
Hardware	paloaltonetworks	pa-5420	-	No
Hardware	paloaltonetworks	pa-5430	-	No
Hardware	paloaltonetworks	pa-5440	-	No
Hardware	paloaltonetworks	pa-5445	-	No

References

https://security.paloaltonetworks.com/CVE-2024-3382 Vendor Advisory ([email protected])
https://security.paloaltonetworks.com/CVE-2024-3382 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)