CISA is warning of high-severity PAN-OS DDoS flaw used in attacks
The security issue, tracked as CVE-2022-0028, is a high-severity flaw that allows a remote threat actor to launch reflected and amplified denial-of-service attacks without having to authenticate.
While exploiting the flaw can only cause a DoS condition on the affected device, it has already been used for at least one attack.
A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service attacks.
The security policy on the firewall that allows traffic to pass from Zone A to Zone B includes a URL filtering profile with one or more blocked categories.
Packet-based attack protection is not enabled in a Zone Protection profile for Zone A, including both and.
CISA's Known Exploited Vulnerabilities catalog currently lists 802 security issues, and organizations around the world can use it to improve their defenses.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-10 | CVE-2022-0028 | Unspecified vulnerability in Paloaltonetworks Pan-Os. A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. | 0.0 |