/

CVE-2024-3387 Report - Details, Severity, & Advisories

CVE-2024-3387 Report - Details, Severity, & Advisories

Twingate Team

May 9, 2024

CVE-2024-3387 is a vulnerability in Palo Alto Networks Panorama software due to a weak device certificate, which could potentially lead to sensitive information disclosure through a meddler-in-the-middle (MitM) attack. The severity of this vulnerability is rated as medium, and it affects encrypted communication between the Panorama management server and the firewalls it manages. Systems using Palo Alto Networks Panorama software for managing firewalls are at risk.

How do I know if I'm affected?

To determine if you're affected by the CVE-2024-3387 vulnerability, you need to check your Panorama software version. The impacted versions include PAN-OS 11.0 versions less than 11.0.4 on Panorama, PAN-OS 10.2 versions less than 10.2.7-h3 on Panorama and less than 10.2.8 on Panorama, and PAN-OS 10.1 versions less than 10.1.12 on Panorama. No information about affected Apple product versions is available.

What should I do if I'm affected?

If you're affected by the CVE-2024-3387 vulnerability, update your Panorama software to a fixed version, such as PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, or PAN-OS 11.0.4. This will help protect your system from potential sensitive information disclosure through a meddler-in-the-middle attack.

Is CVE-2024-3387 in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2024-3387 vulnerability is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. It is named “A weak device certificate in Palo Alto Networks Panorama software” and was added on April 10, 2024. However, the due date and required action are not provided. In simpler terms, this vulnerability is a security issue in Panorama software that could allow a hacker to intercept and read encrypted information between the Panorama server and the firewalls it manages, potentially exposing sensitive data.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-326 involves inadequate encryption strength, which could allow an attacker to perform a meddler-in-the-middle attack and expose sensitive information.

For more details

CVE-2024-3387 is a medium-severity vulnerability in Palo Alto Networks Panorama software, which could lead to sensitive information disclosure through a meddler-in-the-middle attack. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD or the links below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2024-3387 Report - Details, Severity, & Advisories

CVE-2024-3387 Report - Details, Severity, & Advisories

Twingate Team

May 9, 2024

CVE-2024-3387 is a vulnerability in Palo Alto Networks Panorama software due to a weak device certificate, which could potentially lead to sensitive information disclosure through a meddler-in-the-middle (MitM) attack. The severity of this vulnerability is rated as medium, and it affects encrypted communication between the Panorama management server and the firewalls it manages. Systems using Palo Alto Networks Panorama software for managing firewalls are at risk.

How do I know if I'm affected?

To determine if you're affected by the CVE-2024-3387 vulnerability, you need to check your Panorama software version. The impacted versions include PAN-OS 11.0 versions less than 11.0.4 on Panorama, PAN-OS 10.2 versions less than 10.2.7-h3 on Panorama and less than 10.2.8 on Panorama, and PAN-OS 10.1 versions less than 10.1.12 on Panorama. No information about affected Apple product versions is available.

What should I do if I'm affected?

If you're affected by the CVE-2024-3387 vulnerability, update your Panorama software to a fixed version, such as PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, or PAN-OS 11.0.4. This will help protect your system from potential sensitive information disclosure through a meddler-in-the-middle attack.

Is CVE-2024-3387 in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2024-3387 vulnerability is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. It is named “A weak device certificate in Palo Alto Networks Panorama software” and was added on April 10, 2024. However, the due date and required action are not provided. In simpler terms, this vulnerability is a security issue in Panorama software that could allow a hacker to intercept and read encrypted information between the Panorama server and the firewalls it manages, potentially exposing sensitive data.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-326 involves inadequate encryption strength, which could allow an attacker to perform a meddler-in-the-middle attack and expose sensitive information.

For more details

CVE-2024-3387 is a medium-severity vulnerability in Palo Alto Networks Panorama software, which could lead to sensitive information disclosure through a meddler-in-the-middle attack. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD or the links below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2024-3387 Report - Details, Severity, & Advisories

Twingate Team

May 9, 2024

CVE-2024-3387 is a vulnerability in Palo Alto Networks Panorama software due to a weak device certificate, which could potentially lead to sensitive information disclosure through a meddler-in-the-middle (MitM) attack. The severity of this vulnerability is rated as medium, and it affects encrypted communication between the Panorama management server and the firewalls it manages. Systems using Palo Alto Networks Panorama software for managing firewalls are at risk.

How do I know if I'm affected?

To determine if you're affected by the CVE-2024-3387 vulnerability, you need to check your Panorama software version. The impacted versions include PAN-OS 11.0 versions less than 11.0.4 on Panorama, PAN-OS 10.2 versions less than 10.2.7-h3 on Panorama and less than 10.2.8 on Panorama, and PAN-OS 10.1 versions less than 10.1.12 on Panorama. No information about affected Apple product versions is available.

What should I do if I'm affected?

If you're affected by the CVE-2024-3387 vulnerability, update your Panorama software to a fixed version, such as PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, or PAN-OS 11.0.4. This will help protect your system from potential sensitive information disclosure through a meddler-in-the-middle attack.

Is CVE-2024-3387 in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2024-3387 vulnerability is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. It is named “A weak device certificate in Palo Alto Networks Panorama software” and was added on April 10, 2024. However, the due date and required action are not provided. In simpler terms, this vulnerability is a security issue in Panorama software that could allow a hacker to intercept and read encrypted information between the Panorama server and the firewalls it manages, potentially exposing sensitive data.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-326 involves inadequate encryption strength, which could allow an attacker to perform a meddler-in-the-middle attack and expose sensitive information.

For more details

CVE-2024-3387 is a medium-severity vulnerability in Palo Alto Networks Panorama software, which could lead to sensitive information disclosure through a meddler-in-the-middle attack. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD or the links below.