Issued: Thursday, 25 August, 2022 |
Last Revision: Thursday, 25 August, 2022 |
Vendor: |
Product: |
Severity Level: |
Palo Alto has released a patch for a vulnerability in PAN-OS. The vulnerability is a denial-of-service issue tracked as CVE-2022-0028.
An incorrectly configured PAN-OS URL filtering policy could enable a network-based attacker to launch reflected and amplified TCP denial-of-service (RDoS) attacks.
The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) or CN-Series (container) firewall against a target specified by the attacker. The Panorama M-Series and Panorama virtual appliances are unaffected by this problem. This vulnerability is being actively exploited by threat actors.
CVE/Vulnerability | Description | CVSS3.0 Score |
CVE-2022-0028 | DoS attack | 8.6 |
Table 1: Vulnerability details
CVE/Vulnerability | Affected Product(s) | Affected Version(s) | Fixed Version |
CVE-2022-0028 | PAN-OS 10.2 | < 10.2.2-h2 | >= 10.2.2-h2 |
CVE-2022-0028 | PAN-OS 10.1 | < 10.1.6-h6 | >= 10.1.6-h6 |
CVE-2022-0028 | PAN-OS 10.0 | < 10.0.11-h1 | >= 10.0.11-h1 |
CVE-2022-0028 | PAN-OS 9.1 | < 9.1.14-h4 | >= 9.1.14-h4 |
CVE-2022-0028 | PAN-OS 9.0 | < 9.0.16-h3 | >= 9.0.16-h3 |
CVE-2022-0028 | PAN-OS 8.1 | < 8.1.23-h1 | >= 8.1.23-h1 |
Table 2: Vulnerable versions
Organizations are encouraged to apply the updates to the impacted product according to the vendor's instructions.
