vulnerability

PAN-OS: Exceptional Condition Denial-of-Service (DoS)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:N/I:N/A:C)	Sep 8, 2021	Sep 10, 2021	Sep 17, 2021

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:C)

Published

Sep 8, 2021

Added

Sep 10, 2021

Modified

Sep 17, 2021

Description

An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. This issue does not affect Prisma Access.

Solutions

palo-alto-networks-pan-os-upgrade-10-0palo-alto-networks-pan-os-upgrade-8-1palo-alto-networks-pan-os-upgrade-9-0palo-alto-networks-pan-os-upgrade-9-1

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today