vulnerability

Palo Alto Networks PAN-OS: CVE-2024-3387: PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:H/Au:N/C:C/I:N/A:N)	Apr 10, 2024	Jan 7, 2025	Mar 25, 2026

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:N/A:N)

Published

Apr 10, 2024

Added

Jan 7, 2025

Modified

Mar 25, 2026

Description

A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.

Solution

palo-alto-networks-pan-os-upgrade-latest

References

CWE-326
CVE-2024-3387
https://attackerkb.com/topics/CVE-2024-3387
https://security.paloaltonetworks.com/CVE-2024-3387
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-31976

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report