Description
A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
Published: 2024-11-14
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2024-27500 A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
History

Fri, 24 Jan 2025 16:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Tue, 19 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 14 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 14 Nov 2024 09:45:00 +0000

Type Values Removed Values Added
Description A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
Title PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet
First Time appeared Paloaltonetworks
Paloaltonetworks pan-os
Weaknesses CWE-476
CPEs cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*
Vendors & Products Paloaltonetworks
Paloaltonetworks pan-os
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber'}

Subscriptions

Paloaltonetworks Pan-os
cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2024-11-19T15:01:40.744Z

Reserved: 2024-03-15T22:43:27.814Z

Link: CVE-2024-2551

cve-icon Vulnrichment

Updated: 2024-11-14T19:26:10.888Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-14T10:15:04.547

Modified: 2025-01-24T16:03:41.910

Link: CVE-2024-2551

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses