Memory Leak in PAN-OS Software Allows Attackers to Bypass Firewall

CVE-2024-3382

7.5HIGH

Key Information

Vendor: Palo Alto Networks
Status: Pan-os; Cloud Ngfw; Prisma Access
Vendor: CVE Published:; 10 April 2024

Summary

A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.

Affected Version(s)

PAN-OS >= 9.0.0

PAN-OS >= 9.1.0

PAN-OS >= 10.1.0

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Initial publication
Apr 10, 2024
Vulnerability published.
Apr 10, 2024
Vulnerability Reserved.
Apr 5, 2024

Collectors

NVD DatabaseMitre Database

Credit

Palo Alto Networks thanks Celedonio Albarran of Equity Residential and their Infrastructure and Security teams for discovering and reporting this issue.