CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

2024-04-1207:20:00

CWE-20

CWE-77

palo_alto

www.cve.org

cve-2024-3400

pan-os

command injection

globalprotect

palo alto networks

vulnerability

unauthenticated attacker

root privileges

firewall

cloud ngfw

panorama

prisma access

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.957 High

EPSS

Percentile

99.4%

JSON

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.

Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "PAN-OS",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "9.0.0"
      },
      {
        "status": "unaffected",
        "version": "9.1.0"
      },
      {
        "status": "unaffected",
        "version": "10.0.0"
      },
      {
        "status": "unaffected",
        "version": "10.1.0"
      },
      {
        "changes": [
          {
            "at": "10.2.9-h1",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.2.9-h1",
        "status": "affected",
        "version": "10.2.0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "11.0.4-h1",
            "status": "unaffected"
          }
        ],
        "lessThan": "11.0.4-h1",
        "status": "affected",
        "version": "11.0.0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "11.1.2-h3",
            "status": "unaffected"
          }
        ],
        "lessThan": "11.1.2-h3",
        "status": "affected",
        "version": "11.1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Cloud NGFW",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "All"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Prisma Access",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "All"
      }
    ]
  }
]