CVE-2024-3400

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-3400
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

10.0 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://security.paloaltonetworks.com/CVE-2024-3400 Vendor Advisory
https://unit42.paloaltonetworks.com/cve-2024-3400/ Exploit Vendor Advisory
https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/ Technical Description Vendor Advisory
https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/ Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*
History

23 Apr 2024, 19:57

Type Values Removed Values Added
CPE cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*		 cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*
References () https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/ - () https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/ - Technical Description, Vendor Advisory

19 Apr 2024, 23:15

Type Values Removed Values Added
References
  • () https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/ -

18 Apr 2024, 23:15

Type Values Removed Values Added
CWE CWE-20
Summary (en) A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. (en) A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

15 Apr 2024, 20:15

Type Values Removed Values Added
CPE cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*
Summary
  • (es) Una vulnerabilidad de inyección de comandos en la función GlobalProtect del software PAN-OS de Palo Alto Networks para versiones específicas de PAN-OS y configuraciones de funciones distintas puede permitir que un atacante no autenticado ejecute código arbitrario con privilegios de root en el firewall. Cloud NGFW, dispositivos Panorama y Prisma Access no se ven afectados por esta vulnerabilidad.
First Time Paloaltonetworks
Paloaltonetworks pan-os
References () https://security.paloaltonetworks.com/CVE-2024-3400 - () https://security.paloaltonetworks.com/CVE-2024-3400 - Vendor Advisory
References () https://unit42.paloaltonetworks.com/cve-2024-3400/ - () https://unit42.paloaltonetworks.com/cve-2024-3400/ - Exploit, Vendor Advisory
References () https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/ - () https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/ - Exploit, Third Party Advisory

15 Apr 2024, 04:15

Type Values Removed Values Added
References
  • () https://unit42.paloaltonetworks.com/cve-2024-3400/ -
  • () https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/ -
Summary (en) A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Fixes for PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 are in development and are expected to be released by April 14, 2024. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. All other versions of PAN-OS are also not impacted. (en) A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

12 Apr 2024, 17:17

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : 10.0

12 Apr 2024, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-12 08:15

Updated : 2024-04-23 19:57

NVD link : CVE-2024-3400

Mitre link : CVE-2024-3400

CVE.ORG link : CVE-2024-3400

JSON object : View

Products Affected

paloaltonetworks

  • pan-os
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-20

Improper Input Validation