Assigner | palo_alto |
Reserved | 2024-04-05 |
Published | 2024-04-10 |
Updated | 2024-06-07 |
Description
An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Problem types
CWE-436 Interpretation Conflict
Product status
9.0.0 before 9.0.17-h2
9.1.0 before 9.1.17
10.0.0 before 10.0.13
10.1.0 before 10.1.9-h3
10.1.0 before 10.1.10
10.2.0 before 10.2.4-h2
10.2.0 before 10.2.5
11.0.0 before 11.0.1-h2
11.0.0 before 11.0.2
11.1.0
All
All
Timeline
2024-04-10: | Initial publication |
Credits
Palo Alto Networks thanks Frederic De Vlieger for discovering and reporting this issue.
References
https://security.paloaltonetworks.com/CVE-2024-3386