vulnerability

Palo Alto Networks PAN-OS: CVE-2024-3387: PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:H/Au:N/C:C/I:N/A:N)	Apr 10, 2024	Jan 7, 2025	Jul 2, 2025

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:N/A:N)

Published

Apr 10, 2024

Added

Jan 7, 2025

Modified

Jul 2, 2025

Description

A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.

Solution

palo-alto-networks-pan-os-upgrade-latest

References

CWE-326
CVE-2024-3387
https://attackerkb.com/topics/CVE-2024-3387
URL-https://security.paloaltonetworks.com/CVE-2024-3387

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today