The U.S. Cybersecurity and Infrastructure Security Agency (CISA) additional a security flaw affecting Palo Alto Networks PAN-OS to its Regarded Exploited Vulnerabilities Catalog on Monday.
Tracked CVE-2022-0028, the vulnerability has a CVSS of 8.6 and is based on the misconfiguration of the PAN-OS URL filtering coverage, which could make it possible for a network-based unauthenticated attacker to accomplish mirrored and amplified TCP denial-of-support (DoS) attacks.
“To be misused by an exterior attacker, the firewall configuration ought to have a URL filtering profile with 1 or far more blocked classes assigned to a security rule with a supply zone that has an exterior experiencing network interface,” Palo Alto Networks mentioned before this thirty day period.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
“This configuration is not normal for URL filtering and, if established, is most likely unintended by the administrator.”
The company also confirmed that if exploited, this issue would not effect the confidentiality, integrity, or availability of its merchandise.
“However, the resulting denial-of-assistance (DoS) attack may assist obfuscate the id of the attacker and implicate the firewall as the source of the attack,” Palo Alto Networks wrote.
The flaw has now been patched by the firm, but in advance of issuing a patch, Palo Alto Networks verified an tried reflected DoS (RDoS) attack was recognized by a services service provider.
“This attempted attack took edge of susceptible firewalls from numerous distributors, together with Palo Alto Networks. We straight away begun to root lead to and remediate this issue.”
To avert DoS attacks ensuing from this issue from a variety of sources, the corporation proposed method administrators configure their Palo Alto Networks firewalls by enabling 1 of the two-zone safety mitigations on all security zones with an assigned security coverage that features a URL filtering profile.
The information of the vulnerability staying patched and added to CISA’s catalog will come months after Palo Alto Networks’ security scientists spotted a new Ursula marketing campaign from DropBox and Google Push accounts.
Some pieces of this write-up are sourced from:
www.infosecurity-journal.com