Security Advisory

Palo Alto Networks (PAN-OS, Cloud NGFW, Prisma Access) Products April 2024 Security Update Advisory

  • Apr 11 2024

Overview

 

Palo Alto Networks(https://www.paloaltonetworks.com/) has released a security update that fixes vulnerabilities in products it has been made. users of affected products are advised to update to the latest version.

 

Affected Products

 

PAN-OS,Cloud NGFW,Prisma Access prior to version 11.0.3

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.2.5

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.1.11

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.0.12

PAN-OS,Cloud NGFW,Prisma Access prior to version 9.1.15-h1

PAN-OS,Cloud NGFW,Prisma Access prior to version 9.0.17

PAN-OS,Cloud NGFW,Prisma Access prior to version 8.1.24

PAN-OS,Cloud NGFW,Prisma Access prior to version 11.0.3

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.2.8

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.1.12

PAN-OS,Cloud NGFW,Prisma Access prior to version 9.1.17

PAN-OS,Cloud NGFW,Prisma Access prior to version 9.0.17-h4

PAN-OS,Cloud NGFW,Prisma Access prior to version 11.1.2

PAN-OS,Cloud NGFW,Prisma Access prior to version 11.0.4

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.2.7-h3

PAN-OS,Cloud NGFW,Prisma Access version 11.0.1-h2, < 11.0.2 

PAN-OS,Cloud NGFW,Prisma Access version 10.2.4-h2, < 10.2.5

PAN-OS,Cloud NGFW,Prisma Access version 10.1.9-h3, < 10.1.10 

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.0.13

PAN-OS,Cloud NGFW,Prisma Access prior to version 9.1.17

PAN-OS,Cloud NGFW,Prisma Access prior to version 9.0.17-h2

PAN-OS,Cloud NGFW,Prisma Access prior to version 11.0.4 on Panorama

PAN-OS,Cloud NGFW,Prisma Access 10.2.7-h3 < 10.2.8 on Panorama

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.1.12 on Panorama

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.2.4

PAN-OS,Cloud NGFW,Prisma Access prior to version 11.0.3

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.2.7-h3

PAN-OS,Cloud NGFW,Prisma Access prior to version 10.1.11-h4

PAN-OS,Cloud NGFW,Prisma Access prior to version 9.1.17

PAN-OS,Cloud NGFW,Prisma Access prior to version 9.0.17-h4 

PAN-OS,Cloud NGFW,Prisma Access prior to version 8.1.26

 

Resolved Vulnerabilities

 

Vulnerability in the way Palo Alto Networks PAN-OS software handles data received from the Cloud Identity Engine (CIE) agent could allow modification of the User-ID group (CVE-2024-3383, CVSS 8.3) [1]

Vulnerability in PAN-OS,Cloud NGFW,Prisma Access when receiving Windows New Technology LAN Manager (NTLM) packets from a Windows server allows remote attackers to reboot the PAN-OS firewall (CVE-2024-3384, CVSS 8.2) [2]

Vulnerability in PAN-OS, Cloud NGFW, and Prisma Access that allows remote attackers to reboot the hardware-based firewall (CVE-2024-3385, CVSS 8.2) [3]

Vulnerability in PAN-OS, Cloud NGFW, and Prisma Access that allows crafted packets to be exploded through the firewall, eventually causing the firewall to fail to handle traffic (CVE-2024-3382, CVSS 8.2) [4]

A vulnerability in Palo Alto Networks PAN-OS software due to an incorrect string comparison that prevents predefined decryption exclusions from working as intended (CVE-2024-3386, CVSS 6.9) [5]

Vulnerability in PAN-OS, Cloud NGFW, and Prisma Access that allows man-in-the-middle (mitm) attacks to capture encrypted traffic between the Panorama Management Server and the firewall it manages (CVE-2024-3387, CVSS 6) [6]

Vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software that could allow an authenticated attacker to send network packets to internal assets while impersonating another user (CVE-2024-3388, CVSS 5.1) [7]

 

Vulnerability Patches

 

The following product-specific vulnerability patches were provided in the 04/10/2024 update.

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access 11.0.3 and later versions

PAN-OS,Cloud NGFW,Prisma Access 10.2.5 and later

PAN-OS,Cloud NGFW,Prisma Access 10.1.11 and later versions

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access 10.0.12 and later versions

PAN-OS,Cloud NGFW,Prisma Access 9.1.15-h1 and later

PAN-OS,Cloud NGFW,Prisma Access 9.0.17 and later versions

PAN-OS,Cloud NGFW,Prisma Access 8.1.24 and later versions

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access 11.0.3 and later versions

PAN-OS,Cloud NGFW,Prisma Access 10.2.8 and later

PAN-OS,Cloud NGFW,Prisma Access 10.1.12 and later

PAN-OS,Cloud NGFW,Prisma Access 9.1.17 and later versions

PAN-OS,Cloud NGFW,Prisma Access 9.0.17-h4 and later

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access 11.1.2 and later

PAN-OS,Cloud NGFW,Prisma Access 11.0.4 and later

PAN-OS,Cloud NGFW,Prisma Access 10.2.7-h3 and later

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access 11.0.1-h2, >= 11.0.2 and later versions

PAN-OS,Cloud NGFW,Prisma Access 10.2.4-h2, >= 10.2.5 and later

PAN-OS,Cloud NGFW,Prisma Access 10.1.9-h3, >= 10.1.10 and later versions

PAN-OS,Cloud NGFW,Prisma Access 10.0.13 and later versions

PAN-OS,Cloud NGFW,Prisma Access 9.1.17 and later versions

PAN-OS,Cloud NGFW,Prisma Access 9.0.17-h2 and later

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access 11.0.4 on Panorama and later versions

PAN-OS,Cloud NGFW,Prisma Access 10.2.7-h3 on Panorama, >= 10.2.8 on Panorama and later

PAN-OS,Cloud NGFW,Prisma Access 10.1.12 on Panorama and later

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access 10.2.4 and later versions

PAN-OS,Cloud NGFW,Prisma Access All

PAN-OS,Cloud NGFW,Prisma Access 11.0.3 and later versions

PAN-OS,Cloud NGFW,Prisma Access 10.2.7-h3 and later

PAN-OS,Cloud NGFW,Prisma Access 10.1.11-h4 and later

PAN-OS,Cloud NGFW,Prisma Access 9.1.17 and later versions

PAN-OS,Cloud NGFW,Prisma Access 9.0.17-h4 and later

PAN-OS,Cloud NGFW,Prisma Access 8.1.26 and later versions

PAN-OS,Cloud NGFW,Prisma Access All

 

Referenced Sites

 

[1] PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)

https://security.paloaltonetworks.com/CVE-2024-3383

[2] PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets

https://security.paloaltonetworks.com/CVE-2024-3384

[3] PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled

https://security.paloaltonetworks.com/CVE-2024-3385

[4] PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets

https://security.paloaltonetworks.com/CVE-2024-3382

[5] PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended

https://security.paloaltonetworks.com/CVE-2024-3386

[6] PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure

https://security.paloaltonetworks.com/CVE-2024-3387

[7] PAN-OS: User Impersonation in GlobalProtect SSL VPN

https://security.paloaltonetworks.com/CVE-2024-3388

Tags:

Previous Post

Next Post