8.7

CVE-2024-9472

PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic

A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.


Palo Alto Networks VM-Series, Cloud NGFW, and Prisma Access are not affected.


This issue only affects PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series running these specific versions of PAN-OS:

  *  10.2.7-h12
  *  10.2.8-h10
  *  10.2.9-h9
  *  10.2.9-h11
  *  10.2.10-h2
  *  10.2.10-h3
  *  10.2.11
  *  10.2.11-h1
  *  10.2.11-h2
  *  10.2.11-h3
  *  11.1.2-h9
  *  11.1.2-h12
  *  11.1.3-h2
  *  11.1.3-h4
  *  11.1.3-h6
  *  11.2.2
  *  11.2.2-h1

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Palo Alto Networks
Product: Cloud NGFW
Default status: unaffected
  *  Version All: unaffected

Vendor: Palo Alto Networks
Product: PAN-OS
Default status: unaffected
  *  Version 11.2.2 to < 11.2.2-h3: affected
  *  Version 11.1.2-h9 to < 11.1.2-h14: affected
  *  Version 11.0.0: unaffected
  *  Version 10.2.7-h12 to < 10.2.7-h16: affected
  *  Version 10.1.0: unaffected

Vendor: Palo Alto Networks
Product: Prisma Access
Default status: unaffected
  *  Version All: unaffected

No warning was found for this CVE.

EPSS Metrics

  *  Type: EPSS
  *  Source: FIRST.org
  *  Score: 0.33%
  *  Percentile: 0.561

CVSS Metrics

  *  Source: psirt@paloaltonetworks.com
  *  Base Score: 8.7
  *  Exploit Score: 0
  *  Impact Score: 0
  *  Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.