{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-3387", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2024-04-05T17:40:19.884Z", "datePublished": "2024-04-10T17:06:36.676Z", "dateUpdated": "2024-08-01T20:12:06.646Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "9.0.0"}, {"status": "unaffected", "version": "9.1.0"}, {"changes": [{"at": "10.1.12", "status": "unaffected"}], "lessThan": "10.1.12", "status": "affected", "version": "10.1.0", "versionType": "custom"}, {"changes": [{"at": "10.2.7-h3", "status": "unaffected"}], "lessThan": "10.2.7-h3", "status": "affected", "version": "10.2.0", "versionType": "custom"}, {"changes": [{"at": "10.2.8", "status": "unaffected"}], "lessThan": "10.2.8", "status": "affected", "version": "10.2.0", "versionType": "custom"}, {"changes": [{"at": "11.0.4", "status": "unaffected"}], "lessThan": "11.0.4", "status": "affected", "version": "11.0.0", "versionType": "custom"}, {"status": "unaffected", "version": "11.1.0"}]}, {"defaultStatus": "unaffected", "product": "Cloud NGFW", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All"}]}, {"defaultStatus": "unaffected", "product": "Prisma Access", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Palo Alto Networks thanks one of our customers for discovering and reporting this issue."}], "datePublic": "2024-04-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls."}], "value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.<br>"}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"}], "impacts": [{"capecId": "CAPEC-20", "descriptions": [{"lang": "en", "value": "CAPEC-20 Encryption Brute Forcing"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-326", "description": "CWE-326 Inadequate Encryption Strength", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-04-10T17:06:36.676Z"}, "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-3387"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.<br>"}], "value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.\n"}], "source": {"defect": ["PAN-200047"], "discovery": "USER"}, "timeline": [{"lang": "en", "time": "2024-04-10T16:00:00.000Z", "value": "Initial publication"}], "title": "PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3387", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-19T19:33:54.917377Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*"], "vendor": "paloaltonetworks", "product": "pan-os", "versions": [{"status": "affected", "version": "10.2.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"], "vendor": "paloaltonetworks", "product": "pan-os", "versions": [{"status": "affected", "version": "10.1.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*"], "vendor": "paloaltonetworks", "product": "pan-os", "versions": [{"status": "affected", "version": "11.0.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:31:52.758Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:12:06.646Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-3387", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-3387", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:12:06.646Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3387", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-19T19:33:54.917377Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*"], "vendor": "paloaltonetworks", "product": "pan-os", "versions": [{"status": "affected", "version": "10.2.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"], "vendor": "paloaltonetworks", "product": "pan-os", "versions": [{"status": "affected", "version": "10.1.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*"], "vendor": "paloaltonetworks", "product": "pan-os", "versions": [{"status": "affected", "version": "11.0.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-19T19:46:39.562Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure", "source": {"defect": ["PAN-200047"], "discovery": "USER"}, "credits": [{"lang": "en", "type": "finder", "value": "Palo Alto Networks thanks one of our customers for discovering and reporting this issue."}], "impacts": [{"capecId": "CAPEC-20", "descriptions": [{"lang": "en", "value": "CAPEC-20 Encryption Brute Forcing"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "PAN-OS", "versions": [{"status": "unaffected", "version": "9.0.0"}, {"status": "unaffected", "version": "9.1.0"}, {"status": "affected", "changes": [{"at": "10.1.12", "status": "unaffected"}], "version": "10.1.0", "lessThan": "10.1.12", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "10.2.7-h3", "status": "unaffected"}], "version": "10.2.0", "lessThan": "10.2.7-h3", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "10.2.8", "status": "unaffected"}], "version": "10.2.0", "lessThan": "10.2.8", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "11.0.4", "status": "unaffected"}], "version": "11.0.0", "lessThan": "11.0.4", "versionType": "custom"}, {"status": "unaffected", "version": "11.1.0"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "Cloud NGFW", "versions": [{"status": "unaffected", "version": "All"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "Prisma Access", "versions": [{"status": "unaffected", "version": "All"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.<br>", "base64": false}]}], "timeline": [{"lang": "en", "time": "2024-04-10T16:00:00.000Z", "value": "Initial publication"}], "solutions": [{"lang": "en", "value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.\n", "supportingMedia": [{"type": "text/html", "value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.<br>", "base64": false}]}], "datePublic": "2024-04-10T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-3387"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.", "supportingMedia": [{"type": "text/html", "value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-326", "description": "CWE-326 Inadequate Encryption Strength"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-04-10T17:06:36.676Z"}}}, "cveMetadata": {"cveId": "CVE-2024-3387", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:12:06.646Z", "dateReserved": "2024-04-05T17:40:19.884Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2024-04-10T17:06:36.676Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC18B586-8FE2-4362-9F60-490FCB52569F", "versionEndExcluding": "10.1.12", "versionStartIncluding": "10.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "243077CD-5021-4DF3-8AC7-5B14F7FD9710", "versionEndExcluding": "10.2.7", "versionStartIncluding": "10.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "60048B56-C9E4-4492-9F4F-485AC3690FA6", "versionEndExcluding": "11.0.4", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*", "matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*", "matchCriteriaId": "FA109AEA-0015-4EAA-BD86-F070FEEA2DF7", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*", "matchCriteriaId": "776E06EC-2FDA-4664-AB43-9F6BE9B897CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*", "matchCriteriaId": "20A2E1F0-8303-483F-9199-9FE257B8A228", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*", "matchCriteriaId": "3AF4AB7F-F9B0-4DC4-BFC5-8FC60CE65A9B", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*", "matchCriteriaId": "CBE09375-A863-42FF-813F-C20679D7C45C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls."}, {"lang": "es", "value": "Un certificado de dispositivo d\u00e9bil (baja potencia de bits) en el software Panorama de Palo Alto Networks permite a un atacante realizar un ataque de intermediario (MitM) para capturar el tr\u00e1fico cifrado entre el servidor de administraci\u00f3n de Panorama y los firewalls que administra. Con suficientes recursos inform\u00e1ticos, el atacante podr\u00eda interrumpir la comunicaci\u00f3n cifrada y exponer informaci\u00f3n confidencial que se comparte entre el servidor de administraci\u00f3n y los firewalls."}], "id": "CVE-2024-3387", "lastModified": "2026-01-30T21:13:20.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-10T17:15:57.787", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2024-3387"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2024-3387"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-326"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}

{}

{}