CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
9.0%
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.4. It is, therefore, affected by a vulnerability.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(193152);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/13");
script_cve_id("CVE-2024-3387");
script_xref(name:"IAVA", value:"2024-A-0171-S");
script_name(english:"Palo Alto Networks PAN-OS 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability");
script_set_attribute(attribute:"synopsis", value:
"The remote PAN-OS host is affected by a vulnerability");
script_set_attribute(attribute:"description", value:
"The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8
or 11.0.x prior to 11.0.4. It is, therefore, affected by a vulnerability.
- A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker
to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama
management server and the firewalls it manages. With sufficient computing resources, the attacker could
break encrypted communication and expose sensitive information that is shared between the management
server and the firewalls. (CVE-2024-3387)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security.paloaltonetworks.com/CVE-2024-3387");
script_set_attribute(attribute:"solution", value:
"Upgrade to PAN-OS 10.1.12 / 10.2.8 / 11.0.4 or later");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-3387");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(326);
script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/10");
script_set_attribute(attribute:"patch_publication_date", value:"2024/04/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/10");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:paloaltonetworks:pan-os");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Palo Alto Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("palo_alto_version.nbin");
script_require_keys("Host/Palo_Alto/Firewall/Version", "Host/Palo_Alto/Firewall/Full_Version", "Host/Palo_Alto/Firewall/Source");
exit(0);
}
include('vcf.inc');
include('vcf_extras.inc');
vcf::palo_alto::initialize();
var app_name = 'Palo Alto Networks PAN-OS';
var app_info = vcf::get_app_info(app:app_name, kb_ver:'Host/Palo_Alto/Firewall/Full_Version', kb_source:'Host/Palo_Alto/Firewall/Source');
# local_checks_enabled or paranoid scan
var kb_lce = get_kb_item('Host/local_checks_enabled');
if (
(empty_or_null(kb_lce) || kb_lce == 0)
&& report_paranoia < 2
)
{
audit(AUDIT_PARANOID);
}
else
{
var kb_ssi = get_kb_item_or_exit('Host/Palo_Alto/show_system_info');
if (empty_or_null(kb_ssi) || 'system-mode: panorama' >!< tolower(kb_ssi))
audit(AUDIT_HOST_NOT, 'Panorama');
}
var constraints = [
{ 'min_version' : '10.1.0', 'fixed_version' : '10.1.12' },
{ 'min_version' : '10.2.0', 'fixed_version' : '10.2.8' },
{ 'min_version' : '11.0.0', 'fixed_version' : '11.0.4' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING
);
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
9.0%