Description
A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
None
Integrity (Vulnerable System)
None
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
Low
AU
None
R
Unchanged
V
Changed
RE
M
U
Amber
Affected products
- Palo Alto Networks / Cloud NGFWAll β All
- Palo Alto Networks / pan-os10.2.0 β 10.2.8
- Palo Alto Networks / pan-os11.2.0 β 11.2.3
- paloaltonetworks / pan-os11.2.1 β 11.2.1
- paloaltonetworks / pan-os11.2.1 β 11.2.1
- paloaltonetworks / pan-os11.2.0 β 11.2.0
- paloaltonetworks / pan-os11.2.0 β 11.2.0
- paloaltonetworks / pan-os11.2 β 11.2
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.4 β 11.1.4
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.3 β 11.1.3
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.2 β 11.1.2
- paloaltonetworks / pan-os11.1.1 β 11.1.1
- paloaltonetworks / pan-os11.1.1 β 11.1.1
- paloaltonetworks / pan-os11.1.1 β 11.1.1
- paloaltonetworks / pan-os11.1.0 β 11.1.0
- paloaltonetworks / pan-os11.1.0 β 11.1.0
- paloaltonetworks / pan-os11.1.0 β 11.1.0
- paloaltonetworks / pan-os11.1.0 β 11.1.0
- paloaltonetworks / pan-os11.1.0 β 11.1.0
- paloaltonetworks / pan-os11.1 β 11.1
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.10 β 10.2.10
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.9 β 10.2.9
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os10.2 β 10.2
- paloaltonetworks / pan-os10.1.14 β 10.1.14
- paloaltonetworks / pan-os10.1.14 β 10.1.14
- paloaltonetworks / pan-os10.1.14 β 10.1.14
- paloaltonetworks / pan-os10.1.14 β 10.1.14
- paloaltonetworks / pan-os10.1.14 β 10.1.14
- paloaltonetworks / pan-os10.1.14 β 10.1.14
- paloaltonetworks / pan-os10.1.14 β 10.1.14
- paloaltonetworks / pan-os10.1 β 10.1
- paloaltonetworks / pan-os10.2.8 β 10.2.8
- paloaltonetworks / pan-os11.2.2 β 11.2.2
- paloaltonetworks / pan-os11.2.2 β 11.2.2