Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.PALO_ALTO_CVE-2024-3387.NASLHistoryApr 10, 2024 - 12:00 a.m.
Palo Alto Networks PAN-OS 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability
2024-04-1000:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
33
palo alto networks
pan-os
vulnerability
weak certificate
mitm attack
meddler-in-the-middle
encrypted traffic
cve-2024-3387
nessus scanner
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
5.2
Confidence
High
EPSS
0
Percentile
9.0%
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.4. It is, therefore, affected by a vulnerability.
- A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls. (CVE-2024-3387)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(193152);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/13");
script_cve_id("CVE-2024-3387");
script_xref(name:"IAVA", value:"2024-A-0171-S");
script_name(english:"Palo Alto Networks PAN-OS 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability");
script_set_attribute(attribute:"synopsis", value:
"The remote PAN-OS host is affected by a vulnerability");
script_set_attribute(attribute:"description", value:
"The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8
or 11.0.x prior to 11.0.4. It is, therefore, affected by a vulnerability.
- A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker
to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama
management server and the firewalls it manages. With sufficient computing resources, the attacker could
break encrypted communication and expose sensitive information that is shared between the management
server and the firewalls. (CVE-2024-3387)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security.paloaltonetworks.com/CVE-2024-3387");
script_set_attribute(attribute:"solution", value:
"Upgrade to PAN-OS 10.1.12 / 10.2.8 / 11.0.4 or later");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-3387");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(326);
script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/10");
script_set_attribute(attribute:"patch_publication_date", value:"2024/04/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/10");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:paloaltonetworks:pan-os");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Palo Alto Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("palo_alto_version.nbin");
script_require_keys("Host/Palo_Alto/Firewall/Version", "Host/Palo_Alto/Firewall/Full_Version", "Host/Palo_Alto/Firewall/Source");
exit(0);
}
include('vcf.inc');
include('vcf_extras.inc');
vcf::palo_alto::initialize();
var app_name = 'Palo Alto Networks PAN-OS';
var app_info = vcf::get_app_info(app:app_name, kb_ver:'Host/Palo_Alto/Firewall/Full_Version', kb_source:'Host/Palo_Alto/Firewall/Source');
# local_checks_enabled or paranoid scan
var kb_lce = get_kb_item('Host/local_checks_enabled');
if (
(empty_or_null(kb_lce) || kb_lce == 0)
&& report_paranoia < 2
)
{
audit(AUDIT_PARANOID);
}
else
{
var kb_ssi = get_kb_item_or_exit('Host/Palo_Alto/show_system_info');
if (empty_or_null(kb_ssi) || 'system-mode: panorama' >!< tolower(kb_ssi))
audit(AUDIT_HOST_NOT, 'Panorama');
}
var constraints = [
{ 'min_version' : '10.1.0', 'fixed_version' : '10.1.12' },
{ 'min_version' : '10.2.0', 'fixed_version' : '10.2.8' },
{ 'min_version' : '11.0.0', 'fixed_version' : '11.0.4' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING
);
Related
cve
cve
CVE-2024-3387
2024-04-10 17:15:57
cvelist
cvelist
vulnrichment
vulnrichment
paloalto
paloalto
nvd
nvd
CVE-2024-3387
2024-04-10 17:15:57
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
5.2
Confidence
High
EPSS
0
Percentile
9.0%
Related for PALO_ALTO_CVE-2024-3387.NASL