A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://security.paloaltonetworks.com/CVE-2024-3387 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: palo_alto
Published: 2024-04-10T17:06:36.676Z
Updated: 2024-08-01T20:12:06.646Z
Reserved: 2024-04-05T17:40:19.884Z
Link: CVE-2024-3387
Vulnrichment
Updated: 2024-08-01T20:12:06.646Z
NVD
Status : Awaiting Analysis
Published: 2024-04-10T17:15:57.787
Modified: 2024-11-21T09:29:30.917
Link: CVE-2024-3387
Redhat
No data.