PA-CVE-2022-0778

Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778

2022-03-31 02:30:00
Palo Alto Networks Product Security Incident Response Team
securityadvisories.paloaltonetworks.com
openssl vulnerability, dos, pan-os, globalprotect, cortex xdr, threat prevention, cve-2022-0778

CVSS2: 5 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: NONE
  Integrity Impact: NONE
  Availability Impact: PARTIAL

CVSS3: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: NONE
  Integrity Impact: NONE
  Availability Impact: HIGH

EPSS: 0.016 (Percentile 87.6%)

The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSL infinite loop vulnerability (CVE-2022-0778) as it relates to our products.

This vulnerability causes the OpenSSL library to enter an infinite loop when parsing an invalid certificate and can result in a Denial-of-Service (DoS) to the application. An attacker does not need a verified certificate to exploit this vulnerability because parsing a bad certificate triggers the infinite loop before the verification process is completed.

The Prisma Cloud and Cortex XSOAR products are not impacted by this vulnerability. However, PAN-OS, GlobalProtect app, and Cortex XDR agent software contain a vulnerable version of the OpenSSL library and product availability is impacted by this vulnerability. For PAN-OS software, this includes both hardware and virtual firewalls and Panorama appliances as well as Prisma Access customers. This vulnerability has reduced severity on Cortex XDR agent and GlobalProtect app as successful exploitation requires a meddler-in-the-middle attack (MITM): 5.9 Medium (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

All fixed versions of Cortex XDR agent, GlobalProtect app, and PAN-OS are now available.

Workaround:
Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat IDs 92409 and 92411 (Applications and Threats content update 8552). This mitigation reduces the risk of exploitation from known exploits.

Customers will need to upgrade their products to a fixed version to completely remove the risk of this issue.

Affected configurations

Vulners match expression (any of the following):
  paloaltonetworks prisma_access      preferred, innovation
  paloaltonetworks cortex_xdr_agent   7.4.*
  paloaltonetworks pan-os             < 8.1.23
  paloaltonetworks pan-os             < 9.1.13-h3
  paloaltonetworks pan-os             < 10.2.1
  globalprotect_app                   < 5.3.4
  globalprotect_app                   < 6.0.2
  paloaltonetworks cortex_xdr_agent   < 6.1.9.61370
  paloaltonetworks cortex_xdr_agent   < 7.7.0.60725

Vendor / Product / Version / CPE:
  paloaltonetworks / prisma_access / preferred,_innovation / cpe:2.3:a:paloaltonetworks:prisma_access:preferred\,_innovation:*:*:*:*:*:*:*
  paloaltonetworks / prisma_access / preferred / cpe:2.3:a:paloaltonetworks:prisma_access:preferred:*:*:*:*:*:*:*
  paloaltonetworks / cortex_xdr_agent / 7.4.* / cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.\*:*:*:*:*:*:*:*
  paloaltonetworks / pan-os / * / cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
  * / globalprotect_app / * / cpe:2.3:a:*:globalprotect_app:*:*:*:*:*:*:*:*
  paloaltonetworks / cortex_xdr_agent / * / cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*
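As an added example (not part of the advisory), a triage helper that checks an asset inventory against the version ranges listed above. The ranges are the page's; the product keys, the per-branch comparison rule (a fixed version only bounds its own major.minor branch, PAN-OS hotfixes sort after their base release) and the sample hosts are assumptions made here.

```python
import re

# Affected ranges exactly as listed on this advisory page: per release branch
# (first two version components), the first fixed version of that branch.
FIXED_IN = {
    "pan-os": ["8.1.23", "9.1.13-h3", "10.2.1"],
    "globalprotect_app": ["5.3.4", "6.0.2"],
    "cortex_xdr_agent": ["6.1.9.61370", "7.7.0.60725"],
}
# Branches the page lists as affected with no fixed build in range (7.4.*).
AFFECTED_BRANCH = {"cortex_xdr_agent": [(7, 4)]}

_VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)(?:-h(\d+))?")

def parse_version(text):
    """'9.1.13-h3' -> ((9, 1, 13), 3); hotfix is a trailing key so 9.1.13 < 9.1.13-h3 < 9.1.14."""
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(int(p) for p in m.group(1).split(".")), int(m.group(2) or 0)

def assess(product, version):
    """Return 'affected', 'fixed' or 'not listed' for one installed version.
    Ranges apply per branch (8.1.23 is compared with 8.1.23, not 9.1.13-h3);
    a branch the page does not list is reported as such rather than guessed."""
    numbers, hotfix = parse_version(version)
    if numbers[:2] in AFFECTED_BRANCH.get(product, []):
        return "affected"
    for fixed in FIXED_IN.get(product, []):
        fixed_numbers, fixed_hotfix = parse_version(fixed)
        if fixed_numbers[:2] == numbers[:2]:
            # A shorter install string ('6.1.9', no build) sorts below the fixed
            # build and is therefore treated conservatively as affected.
            return "affected" if (numbers, hotfix) < (fixed_numbers, fixed_hotfix) else "fixed"
    return "not listed"

def triage(inventory):
    """Assess every (host, product, version) record of an asset inventory."""
    return {host: assess(product, version) for host, product, version in inventory}

# Constructed sample inventory: host names and versions are made up for the demo.
SAMPLE_INVENTORY = [
    ("fw-edge-01", "pan-os", "9.1.13"),
    ("fw-edge-02", "pan-os", "9.1.13-h3"),
    ("fw-lab-01", "pan-os", "9.0.16"),
    ("laptop-17", "globalprotect_app", "5.3.3"),
    ("laptop-42", "cortex_xdr_agent", "7.4.2.10001"),
    ("srv-ad-01", "cortex_xdr_agent", "6.1.9.61370"),
]
```

Run `triage(SAMPLE_INVENTORY)` to get a host-to-verdict map; "not listed" means the installed branch is outside every range on this page and needs a manual check against the vendor advisory.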
