vulnerability

Palo Alto Networks PAN-OS: CVE-2024-3383: PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:N/I:C/A:C)	Apr 10, 2024	Jan 7, 2025	Jul 3, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:C/A:C)

Published

Apr 10, 2024

Added

Jan 7, 2025

Modified

Jul 3, 2025

Description

A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.

Solution

palo-alto-networks-pan-os-upgrade-latest

References

CWE-282
CVE-2024-3383
https://attackerkb.com/topics/CVE-2024-3383
URL-https://security.paloaltonetworks.com/CVE-2024-3383

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today