CVE-2022-0023

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 8.1.22 PAN-OS versions prior to 9.0.16 PAN-OS versions prior to 9.1.13 PAN-OS versions prior to 10.0.10 PAN-OS versions prior to 10.1.5

Description An improper handling of exceptional conditions issue exists in the DNS proxy feature of Palo Alto Networks PAN-OS software. This allows a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall, causing the service to restart unexpectedly. Repeated attempts to send this request result in denial-of-service to all PAN-OS services by restarting the device in maintenance mode. This issue does not impact Panorama appliances and Prisma Access customers.

Recommendations For PAN-OS 8.1, update to version 8.1.22 or later. For PAN-OS 9.0, update to version 9.0.16 or later. For PAN-OS 9.1, update to version 9.1.13 or later. For PAN-OS 10.0, update to version 10.0.10 or later. For PAN-OS 10.1, update to version 10.1.5 or later.