CVE-2024-3387

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Panorama (affected versions not specified)

Description The issue is related to insufficiently robust data encryption. It allows a remote attacker to perform a man-in-the-middle attack, potentially gaining unauthorized access to protected information. Specifically, a weak device certificate in the software enables such an attack, which could lead to the exposure of sensitive information shared between the management server and the firewalls it manages.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.