mickmick.net

Palo Alto PAN-OS Denial Of Service Vulnerability

Release Date: 11 Aug 2022

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

A vulnerability has been identified in Palo Alto PAN-OS. A remote attacker can exploit this vulnerability to trigger denial of service condition on the targeted system.

---

Impact

• Denial of Service

---

System / Technologies affected

• PAN-OS 8.1 versions earlier than PAN-OS 8.1.23-h1
• PAN-OS 9.0 versions earlier than PAN-OS 9.0.16-h3
• PAN-OS 9.1 versions earlier than PAN-OS 9.1.14-h4
• PAN-OS 10.0 versions earlier than PAN-OS 10.0.11-h1
• PAN-OS 10.1 versions earlier than PAN-OS 10.1.6-h6
• PAN-OS 10.2 versions earlier than PAN-OS 10.2.2-h2

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

• Apply fixes issued by the vendor:
  Update to PAN-OS 8.1.23-h1, PAN-OS 9.0.16-h3, PAN-OS 9.1.14-h4, PAN-OS 10.0.11-h1, PAN-OS 10.1.6-h6, PAN-OS 10.2.2-h2, and all later PAN-OS versions
• For detail, please refer to the link below:
  https://security.paloaltonetworks.com/CVE-2022-0028

---

Vulnerability Identifier

• CVE-2022-0028

---

Source

• Palo Alto
• US-CERT

---

Related Link

• https://security.paloaltonetworks.com/CVE-2022-0028
• https://www.cisa.gov/uscert/ncas/current-activity/2022/08/10/palo-alto-networks-releases-security-update-pan-os