Keepnet Labs Logo
Menu
Keepnet Labs > blog > palo-alto-networks-devices-running-the-pan-os-could-allow-attacker-to-launch-dos-attack

PAN-OS Flaw on Palo Alto Devices Allow DoS Attack

An incorrect setting in the PAN-OS URL filtering policy allows a network-based attacker to perform mirrored and amplified TCP DoS attacks. “When used improperly, this issue does not affect the confidentiality, integrity or availability of our products,” Palo Alto Networks says.

PAN-OS Flaw on Palo Alto Devices Allow DoS Attack - Keepnet

A serious issue monitored as CVSS score 8.6 (CVE-2022-0028) on Palo Alto Networks devices running the PAN operating system could allow an attacker to launch a denial of service (DoS) attack. The problem arises because of the Palo Alto Networks firewall Pa series (hardware), VM series (virtual), and CN series (container) firewall against the target specified by the attacker. An incorrect setting has occurred in the PAN-OS URL filtering policy that allows a network-based attacker to perform mirrored and amplified TCP DoS attacks. “When used improperly, this issue does not affect the confidentiality, integrity, or availability of our products.

However, the resulting denial of service (DoS) attack can help to hide the identity of the attacker and point to the firewall as the source of the attack, ” says the recommendation of Palo Alto Networks. Unaffectedcloud NGFWNoneAllPAN-Product status versions affected by OS 10.2<10.2. 2-h2 > = 10,2. 2-h2 (ETA: week beginning August 15, 2022) PAN-OS 10.1< 10.1. 6-h6 > = 10,1. 6-h6PAN-OS 10.0<10.0. 11-h1 > = 10.0. 11-h1 (ETA: week of August 15, 2022)PAN-OS 9.1< 9.1. 14-h4 > = 9,1. 14-h4 (ETA: week of August 15, 2022)PAN-OS 9.0< 9.0. 16-h3> = 9.0. 16-h3 (ETA: week until August 15, 2022)PAN-OS 8.1< 8.1. 23-h1 > = 8,1. 23-h1 (aankomst: 15 August 2022)prism Prisma Prisma Prisma 2.1 2.2 to 3.0 3.1 to access no access no access no access no software update is in order to Palo Alto Networks PAN-OS firewall configurations heeft een beveiligingsupdate uitgebracht om een beveiligingsupdate when kwetsbaarheid to Te Paki.

SHARE ON

twitter
twitter
twitter

Schedule your 30-minute demo now

You'll learn how to:
tickAutomate behaviour-based security awareness training for employees to identify and report threats: phishing, vishing, smishing, quishing, MFA phishing, callback phishing!
tickAutomate phishing analysis by 187x and remove threats from inboxes 48x faster.
tickUse our AI-driven human-centric platform with Autopilot and Self-driving features to efficiently manage human cyber risks.
iso 27017 certificate
iso 27018 certificate
iso 27001 certificate
ukas 20382 certificate
Cylon certificate
Crown certificate
Gartner certificate
Tech Nation certificate