CVE-2024-3384: PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets
First published: Wed Apr 10 2024(Updated: )
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.
Credit: psirt@paloaltonetworks.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Palo Alto Networks PAN-OS | ||
| Paloaltonetworks Pan-os | >=8.1.0<8.1.24 | |
| Paloaltonetworks Pan-os | >=9.0.0<9.0.17 | |
| Paloaltonetworks Pan-os | >=9.1.0<9.1.15 | |
| Paloaltonetworks Pan-os | >=10.0.0<10.0.12 | |
| Paloaltonetworks Pan-os | =9.1.15 |
Remedy
This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/title
- agent/references
- agent/remedy
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/paloaltonetworks
- canonical/paloaltonetworks pan-os
- version/paloaltonetworks pan-os/8.1.0
- version/paloaltonetworks pan-os/9.0.0
- version/paloaltonetworks pan-os/9.1.0
- version/paloaltonetworks pan-os/10.0.0
- version/paloaltonetworks pan-os/9.1.15