A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is in the KEV database since Dec. 30, 2024.

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

Vendors Products
Paloaltonetworks
  • Pan-os

No data.

No data.

References
Link Providers
https://security.paloaltonetworks.com/CVE-2024-3393 cve-icon cve-icon
History

Mon, 30 Dec 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2024-12-30'}

Fri, 27 Dec 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 27 Dec 2024 10:00:00 +0000

Type Values Removed Values Added
Description A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Title PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet
First Time appeared Paloaltonetworks
Paloaltonetworks pan-os
Weaknesses CWE-754
CPEs cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2:-:*:*:*:*:*:*
Vendors & Products Paloaltonetworks
Paloaltonetworks pan-os
References
Metrics cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:N/R:U/V:C/RE:M/U:Amber'}
cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2024-12-27T09:44:24.538Z

Updated: 2024-12-30T17:20:22.893Z

Reserved: 2024-04-05T17:40:24.596Z

Link: CVE-2024-3393

cve-icon Vulnrichment

Updated: 2024-12-27T15:04:46.493Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-12-27T10:15:17.270

Modified: 2025-01-04T02:00:01.597

Link: CVE-2024-3393

cve-icon Redhat

No data.