CVE-2024-3400Palo Alto Networks PAN-OS Command Injection Vulnerability

PUBLISHEDvulnerability record
2024-04-12 · last modified June 21, 2025

Metadata

CVE ID:
CVE-2024-3400
项目:
Palo Alto Networks
产品:
PAN-OS
添加日期:
2024-04-12
到期日:
2024-04-19
最后更新:
June 21, 2025

漏洞名称

Palo Alto Networks PAN-OS Command Injection Vulnerability

描述

Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.

已知用于勒索软件活动吗?

勒索软件状态:
KNOWN

采集行动

Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.

其他说明

相关新闻文章

相关 CWE