Statements (24)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:cybersecurity_vulnerability
|
| gptkbp:affects |
Palo Alto Networks PAN-OS
|
| gptkbp:assignee |
gptkb:MITRE
|
| gptkbp:attack_vector |
gptkb:network_protocol
|
| gptkbp:describes |
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS that allows unauthenticated remote attackers to execute arbitrary code.
|
| gptkbp:exploited_in_the_wild |
true
|
| gptkbp:hasCVSSScore |
10.0
|
| gptkbp:hasCWE |
gptkb:CWE-77
|
| gptkbp:impact |
system compromise
remote code execution GlobalProtect Gateway GlobalProtect Portal |
| gptkbp:patchedBy |
PAN-OS 10.2.9-h1
PAN-OS 11.0.4-h1 PAN-OS 11.1.2-h3 |
| gptkbp:privileges_required |
none
|
| gptkbp:publicDisclosure |
2024-04-12
|
| gptkbp:requires_authentication |
false
|
| gptkbp:user_interaction_required |
none
|
| gptkbp:vulnerableTo |
gptkb:CVE-2024-3400
command injection |
| gptkbp:bfsParent |
gptkb:APT3
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2024-3400
|