Palo Alto PAN-OS Denial Of Service Vulnerability
Release Date: 30 Dec 2024
RISK: High Risk
TYPE: Security software and application - Security Software & Appliance
A vulnerability was identified in Palo Alto PAN-OS. A remote attacker can exploit this vulnerability to trigger denial of service condition on the targeted system.
Note:
The firewall configuration must have either a DNS Security License or an Advanced DNS Security License, AND DNS Security logging must be enabled for this issue to be misused by a remote attacker.
CVE-2024-3393 is being exploited in the wild. Exploitation of CVE-2024-3393 will cause the firewall to enter maintenance mode.
Impact
- Denial of Service
System / Technologies affected
- PAN-OS 10.1 versions >= 10.1.14, < 10.1.15
- PAN-OS 10.2 versions >= 10.2.8, < 10.2.14
- PAN-OS 11.1 versions earlier than PAN-OS 11.1.5
- PAN-OS 11.2 versions earlier than PAN-OS 11.2.3
- PAN-OS Prisma Access versions >= 10.2.8, < 11.2.3
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor
- For detail, please refer to the link below:
https://security.paloaltonetworks.com/CVE-2024-3393
沒有留言:
發佈留言