CVE-2024-3388

Published Apr 10, 2024

Last updated a month ago

CVSS medium 4.1

Overview

Description: A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets.
Source: psirt@paloaltonetworks.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5
Impact score: 1.4
Exploitability score: 3.1
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
Severity: MEDIUM

Weaknesses

psirt@paloaltonetworks.com: CWE-269
nvd@nist.gov: CWE-269

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E37C0550-B96B-4A7F-A330-F2D7F4756D8D",
            "versionEndExcluding": "8.1.26",
            "versionStartIncluding": "8.1.0"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89A55C5F-8E01-42C4-BE93-D683900C07BE",
            "versionEndExcluding": "9.0.17",
            "versionStartIncluding": "9.0.0"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F9FFBA6-7008-422B-9CF1-E37CA62081EB",
            "versionEndExcluding": "9.1.17",
            "versionStartIncluding": "9.1.0"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77695C8C-9732-4605-A160-A5159BD8B49C",
            "versionEndExcluding": "10.1.11",
            "versionStartIncluding": "10.1.0"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "243077CD-5021-4DF3-8AC7-5B14F7FD9710",
            "versionEndExcluding": "10.2.7",
            "versionStartIncluding": "10.2.0"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6B9B8A6-A4A7-4C14-9D22-50FEF531F15D",
            "versionEndExcluding": "11.0.3",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDAE9753-EF8D-4B15-A73C-0EF56FE6C78C"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A142EE1-E516-4582-9A7E-6E4C74FB3991"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6242E26-AF44-4A19-ADD3-CBB798A862D1"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72EF4202-7A13-4528-B928-CC34B76725B4"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E58BF5C-037D-45B1-8867-D510EC0F80B9"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8C42D98-CF8F-456B-9D57-80BBDC2C8E74"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:paloaltonetworks:prisma_access:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFB6FBC7-DEEB-4571-BCF9-92345A4B614A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References