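Vulnerability type: Remote command execution
Severity: Critical
Vulnerability ID: CVE-2024-3400
Vulnerability score: 10
Exploit complexity: Low
Affected versions:
PAN-OS 11.1.* < 11.1.2-h3
PAN-OS 11.0.* < 11.0.4-h1
PAN-OS 10.2.* < 10.2.9-h1
Attack vector: Remote
PoC/EXP: Not public
PAN-OS from Palo Alto Networks is the operating system that runs on Palo Alto Networks firewalls and enterprise VPN appliances. The GlobalProtect feature of Palo Alto Networks PAN-OS software contains a command injection vulnerability that, for specific PAN-OS versions and distinct feature configurations, may allow an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. On April 10, 2024, Volexity identified zero-day exploitation of a vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS at one of its network security monitoring (NSM) customers. The attacker was able to create a reverse shell, download tools, exfiltrate configuration data, and move laterally within the network. The Palo Alto Networks PSIRT team confirmed the vulnerability as an OS command injection issue and assigned it CVE-2024-3400.
This issue applies only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls that have both GlobalProtect gateway (Network > GlobalProtect > Gateways) and device telemetry (Device > Setup > Telemetry) enabled.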
Solution
The vendor has released a fix; affected users are advised to update to a fixed version.
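To triage a firewall inventory against the affected-version list and the exposure condition above, the following added example (not part of the original advisory or vendor tooling) parses PAN-OS version strings with their `-hN` hotfix suffix and classifies each device. The inventory record layout and device names are assumptions constructed for illustration, and only the three thresholds listed on this page are used.

```python
import re

# First fixed release per branch, from this page's affected-version list,
# stored as (maintenance, hotfix).
FIXED = {
    (11, 1): (2, 3),  # 11.1.* < 11.1.2-h3
    (11, 0): (4, 1),  # 11.0.* < 11.0.4-h1
    (10, 2): (9, 1),  # 10.2.* < 10.2.9-h1
}
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_panos_version(text):
    """Return (major, minor, maintenance, hotfix); no -hN suffix means hotfix 0."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        # Other suffixes are rejected rather than guessed at.
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def is_affected_version(text):
    major, minor, maint, hotfix = parse_panos_version(text)
    fixed = FIXED.get((major, minor))
    if fixed is None:
        return False  # branch is not on this page's list
    return (maint, hotfix) < fixed

def assess(device):
    """Classify one inventory record (hypothetical dict layout)."""
    if not is_affected_version(device["version"]):
        return "not affected"
    if device["gp_gateway"] and device["telemetry"]:
        return "exposed: upgrade now"
    return "affected version, exposure condition not met: schedule upgrade"

# Constructed sample inventory, not real devices.
INVENTORY = [
    {"name": "fw-edge-01", "version": "11.1.2-h1", "gp_gateway": True, "telemetry": True},
    {"name": "fw-edge-02", "version": "11.1.2-h3", "gp_gateway": True, "telemetry": True},
    {"name": "fw-dc-01", "version": "10.2.9", "gp_gateway": False, "telemetry": True},
    {"name": "fw-lab-01", "version": "10.1.14", "gp_gateway": True, "telemetry": True},
]

def report(inventory=INVENTORY):
    return {d["name"]: assess(d) for d in inventory}

if __name__ == "__main__":
    for name, verdict in report().items():
        print(f"{name}: {verdict}")
```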