Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-3383

A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.

  • Published: Apr 10, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2024-3383
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.1
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

No CWE or OWASP classifications available.

Software From Fixed in
paloaltonetworks / pan-os 10.2.0 10.2.5
paloaltonetworks / pan-os 10.1.0 10.1.11
paloaltonetworks / pan-os 11.0.0 11.0.3