CVE-2024-3384
HIGHPalo Alto Networks PAN-OS - NTLM Packet Denial of Service
Title source: manualDescription
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.
References (1)
Core 1
Core References
Vendor Advisory
https://security.paloaltonetworks.com/CVE-2024-3384
Scores
CVSS v3
7.5
EPSS
0.0089
EPSS Percentile
54.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1286
Status
published
Products (2)
paloaltonetworks/pan-os
9.1.15
paloaltonetworks/pan-os
8.1.0 - 8.1.24
Published
Apr 10, 2024
Tracked Since
Feb 18, 2026