CVE-2024-3383
Published: 10 April 2024
Summary
CVE-2024-3383 is a high-severity Improper Ownership Management (CWE-282) vulnerability in Paloaltonetworks Pan-Os. Its CVSS base score is 7.4 (High).
Operationally, ranked at the 48.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-31972
Vulnerability details
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to…
more
resources based on your existing Security Policy rules.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.