CVE-2024-3387
CVSS V2 None
CVSS V3 None
Description
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.
Overview
- CVE ID
- CVE-2024-3387
- Assigner
- palo_alto
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-04-10T17:06:36.676Z
- Last Modified Date
- 2024-06-04T17:31:52.758Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-3387 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-3387 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3387 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-23 22:57:41 | Added to TrackCVE |