{"id":2520,"date":"2024-05-09T06:45:49","date_gmt":"2024-05-09T06:45:49","guid":{"rendered":"https:\/\/certera.com\/blog\/?p=2520"},"modified":"2024-05-09T06:45:51","modified_gmt":"2024-05-09T06:45:51","slug":"palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400","status":"publish","type":"post","link":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/","title":{"rendered":"Palo Alto Firewalls were affected by Exploited Vulnerability of CVE-2024-3400"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><strong>Palo Alto Networks PAN-OS firewalls have been subject to an increased number of attempts at exploitation since the finding of CVE-2024-3400 on April 12, 2024.<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Recently, Palo Alto Networks identified and fixed a serious flaw in the GlobalProtect function of its PAN-OS software. But again, information from the Shadowserver Foundation showed that thousands of GlobalProtect instances were still at risk.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The issue is identified as a command injection in the GlobalProtect function of PAN-OS, the operating system that&nbsp;runs the appliances created by Palo Alto Networks. It is tracked as CVE-2024-3400.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-the-cve-2024-3400-vulnerability\">What is the CVE-2024-3400 Vulnerability?\u00a0<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2024\/04\/12\/palo-alto-networks-releases-guidance-vulnerability-pan-os-cve-2024-3400\">According to Palo Alto Networks&#8217; advisory<\/a>, the vulnerability (CVE-2024-3400) has the highest severity level of 10.0 on the Common Vulnerability Scoring System (CVSS) and a high degree of severity.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">Palo Alto Networks Unit 42 stated in a threat brief that &#8220;a critical command injection vulnerability in Palo Alto Networks PAN-OS software enables&nbsp;an unauthenticated attacker to execute arbitrary code with root privileges&nbsp;on the firewall.&#8221;<\/p>\n<\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">An unauthorized&nbsp;attacker could run arbitrary code on the firewall with root access if they were to take advantage of vulnerable PAN-OS versions (PAN-OS 120.2, 11.0, and 11.1) &nbsp;and distinctive configurations.&nbsp;This vulnerability is actively exploited in the wild.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Palo Alto Networks initially claimed that only appliances with&nbsp;device telemetry enabled and the GlobalProtect gateway feature configured are at risk. They&nbsp;suggested turning off device telemetry as a precautionary measure.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Under Operation MidnightEclipse, Palo Alto Networks is monitoring the early exploitation of this vulnerability and reports that &#8220;an increasing number of attacks that leverage the exploitation of this vulnerability.&#8221;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Furthermore, on April 18, 2024<\/strong>, 22 542 potentially vulnerable Intrusion Prevention Systems (IPS) were connected to the vulnerability, according to a tweet from the nonprofit security organization\u00a0Shadowserver Foundation, which collects and analyses data on illegal Internet activities.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-remediations-of-palo-alto-networks-firewall-vulnerability\">Remediations of Palo Alto Networks Firewall Vulnerability\u00a0<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Palo Alto Networks has released remediation for companies whose firewalls have been compromised by the exploitation of the vulnerability identified as CVE-2024-3400.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Customers who&nbsp;subscribe to Palo Alto Networks Threat Prevention service are advised to use Threat IDs 95187, 95189, and 95191 to prevent attacks related to this issue.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&nbsp;The company further recommends that to&nbsp;protect their devices, users update to a corrected version of PAN-OS right away.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">An earlier version of Palo Alto Networks&#8217; security warning mentioned disabling device telemetry as a supplementary mitigation option. In its revised version, however, it said that PAN-OS firewalls are susceptible to attacks linked to this vulnerability even if device telemetry is not turned on.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Customers are encouraged to update to the most recent PAN-OS hotfix if they find unsuccessful efforts at exploitation. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Organizations\u00a0that\u00a0discover evidence of someone testing their firewall to see if it is vulnerable must take the same action. Usually, this entails establishing an empty file on the firewall and ensuring no unauthorized\u00a0instructions are performed.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Customers must not only update PAN-OS but also implement a private data reset, eliminating the danger of device data misuse&nbsp;if there are indications of potential data exfiltration. This entails a file like &#8220;running_config.xml&#8221; copied to a location accessible via web requests.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">All affected PAN-OS versions now have patches available; however,&nbsp;only a few were initially provided by Palo Alto Networks.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Recommended:<\/strong> <a href=\"https:\/\/knowledgebase.paloaltonetworks.com\/KCSArticleDetail?id=kA14u000000CrO6CAK\">How to Remedy CVE-2024-3400 at the Official Site<\/a>!<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Moreover, statistics from the Shadowserver Foundation show that while the number of internet-exposed devices that hackers could compromise has decreased, a few thousand devices can still be affected.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Palo Alto Networks PAN-OS firewalls have been subject to an increased number of attempts at exploitation since the finding of CVE-2024-3400 on April 12, 2024. Recently, Palo Alto Networks identified and fixed a serious flaw in the GlobalProtect function of its PAN-OS software. But again, information from the Shadowserver Foundation showed that thousands of GlobalProtect<span class=\"morelink d-block mt-3\"><a href=\"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/\">Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":2535,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[512,511],"class_list":["post-2520","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vulnerability","tag-cve-2024-3400","tag-palo-alto-networks-firewall-vulnerability","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CVE-2024-3400: Zero-day Vulnerability in Palo Alto Firewalls<\/title>\n<meta name=\"description\" content=\"CVE-2024-3400 Palo Alto OS Command Injection vulnerability with a CVSS score of 10.0 (Critical) affected Palo Alto Networks&#039; firewall systems.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2024-3400: Zero-day Vulnerability in Palo Alto Firewalls\" \/>\n<meta property=\"og:description\" content=\"CVE-2024-3400 Palo Alto OS Command Injection vulnerability with a CVSS score of 10.0 (Critical) affected Palo Alto Networks&#039; firewall systems.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/\" \/>\n<meta property=\"og:site_name\" content=\"EncryptedFence by Certera - Web &amp; Cyber Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/certeraLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-05-09T06:45:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-09T06:45:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/05\/palo-alto-firewalls-vulnerability.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"620\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Janki Mehta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:site\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Janki Mehta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/\"},\"author\":{\"name\":\"Janki Mehta\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\"},\"headline\":\"Palo Alto Firewalls were affected by Exploited Vulnerability of CVE-2024-3400\",\"datePublished\":\"2024-05-09T06:45:49+00:00\",\"dateModified\":\"2024-05-09T06:45:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/\"},\"wordCount\":590,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/palo-alto-firewalls-vulnerability.jpg\",\"keywords\":[\"CVE-2024-3400\",\"Palo Alto Networks Firewall Vulnerability\"],\"articleSection\":[\"Vulnerability\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/#respond\"]}],\"copyrightYear\":\"2024\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/\",\"name\":\"CVE-2024-3400: Zero-day Vulnerability in Palo Alto Firewalls\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/palo-alto-firewalls-vulnerability.jpg\",\"datePublished\":\"2024-05-09T06:45:49+00:00\",\"dateModified\":\"2024-05-09T06:45:51+00:00\",\"description\":\"CVE-2024-3400 Palo Alto OS Command Injection vulnerability with a CVSS score of 10.0 (Critical) affected Palo Alto Networks' firewall systems.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/#primaryimage\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/palo-alto-firewalls-vulnerability.jpg\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/palo-alto-firewalls-vulnerability.jpg\",\"width\":960,\"height\":620,\"caption\":\"Palo Alto Firewall Vulnerability\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/certera.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Palo Alto Firewalls were affected by Exploited Vulnerability of CVE-2024-3400\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"name\":\"EncryptedFence by Certera - Web & Cyber Security Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"alternateName\":\"Certera's EncryptedFence Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/certera.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\",\"name\":\"Certera\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"caption\":\"Certera\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/certeraLLC\\\/\",\"https:\\\/\\\/x.com\\\/certera_llc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/certera-llc\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\",\"name\":\"Janki Mehta\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"caption\":\"Janki Mehta\"},\"description\":\"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\\\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.\",\"sameAs\":[\"https:\\\/\\\/certerassl.com\\\/\"],\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/author\\\/certerabguser\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2024-3400: Zero-day Vulnerability in Palo Alto Firewalls","description":"CVE-2024-3400 Palo Alto OS Command Injection vulnerability with a CVSS score of 10.0 (Critical) affected Palo Alto Networks' firewall systems.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/","og_locale":"en_US","og_type":"article","og_title":"CVE-2024-3400: Zero-day Vulnerability in Palo Alto Firewalls","og_description":"CVE-2024-3400 Palo Alto OS Command Injection vulnerability with a CVSS score of 10.0 (Critical) affected Palo Alto Networks' firewall systems.","og_url":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/","og_site_name":"EncryptedFence by Certera - Web &amp; Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/certeraLLC\/","article_published_time":"2024-05-09T06:45:49+00:00","article_modified_time":"2024-05-09T06:45:51+00:00","og_image":[{"width":960,"height":620,"url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/05\/palo-alto-firewalls-vulnerability.jpg","type":"image\/jpeg"}],"author":"Janki Mehta","twitter_card":"summary_large_image","twitter_creator":"@certera_llc","twitter_site":"@certera_llc","twitter_misc":{"Written by":"Janki Mehta","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/#article","isPartOf":{"@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/"},"author":{"name":"Janki Mehta","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7"},"headline":"Palo Alto Firewalls were affected by Exploited Vulnerability of CVE-2024-3400","datePublished":"2024-05-09T06:45:49+00:00","dateModified":"2024-05-09T06:45:51+00:00","mainEntityOfPage":{"@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/"},"wordCount":590,"commentCount":0,"publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"image":{"@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/05\/palo-alto-firewalls-vulnerability.jpg","keywords":["CVE-2024-3400","Palo Alto Networks Firewall Vulnerability"],"articleSection":["Vulnerability"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/#respond"]}],"copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/certera.com\/blog\/#organization"}},{"@type":"WebPage","@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/","url":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/","name":"CVE-2024-3400: Zero-day Vulnerability in Palo Alto Firewalls","isPartOf":{"@id":"https:\/\/certera.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/#primaryimage"},"image":{"@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/05\/palo-alto-firewalls-vulnerability.jpg","datePublished":"2024-05-09T06:45:49+00:00","dateModified":"2024-05-09T06:45:51+00:00","description":"CVE-2024-3400 Palo Alto OS Command Injection vulnerability with a CVSS score of 10.0 (Critical) affected Palo Alto Networks' firewall systems.","breadcrumb":{"@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/#primaryimage","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/05\/palo-alto-firewalls-vulnerability.jpg","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2024\/05\/palo-alto-firewalls-vulnerability.jpg","width":960,"height":620,"caption":"Palo Alto Firewall Vulnerability"},{"@type":"BreadcrumbList","@id":"https:\/\/certera.com\/blog\/palo-alto-firewalls-were-affected-by-exploited-vulnerability-of-cve-2024-3400\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/certera.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Palo Alto Firewalls were affected by Exploited Vulnerability of CVE-2024-3400"}]},{"@type":"WebSite","@id":"https:\/\/certera.com\/blog\/#website","url":"https:\/\/certera.com\/blog\/","name":"EncryptedFence by Certera - Web & Cyber Security Blog","description":"","publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"alternateName":"Certera's EncryptedFence Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/certera.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/certera.com\/blog\/#organization","name":"Certera","url":"https:\/\/certera.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","caption":"Certera"},"image":{"@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/certeraLLC\/","https:\/\/x.com\/certera_llc","https:\/\/www.linkedin.com\/company\/certera-llc\/"]},{"@type":"Person","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7","name":"Janki Mehta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","caption":"Janki Mehta"},"description":"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.","sameAs":["https:\/\/certerassl.com\/"],"url":"https:\/\/certera.com\/blog\/author\/certerabguser\/"}]}},"_links":{"self":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/2520","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/comments?post=2520"}],"version-history":[{"count":1,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/2520\/revisions"}],"predecessor-version":[{"id":2521,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/2520\/revisions\/2521"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media\/2535"}],"wp:attachment":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media?parent=2520"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/categories?post=2520"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/tags?post=2520"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}