April 8, 2022
Severity
High
Analysis Summary
CVE-2022-0778
OpenSSL is vulnerable to a denial of service caused by a flaw in the BN_mod_sqrt() function when parsing certificates. By using a specially crafted certificate with invalid explicit curve parameters, a remote attacker could exploit this vulnerability to cause an infinite loop, resulting in a denial of service condition.
This vulnerability causes the OpenSSL library to enter an infinite loop when parsing an invalid certificate and can result in a Denial-of-Service (DoS) to the application. An attacker does not need a verified certificate to exploit this vulnerability because parsing a bad certificate triggers the infinite loop before the verification process is completed.
The Prisma Cloud and Cortex XSOAR products are not impacted by this vulnerability. However, PAN-OS, GlobalProtect app, and Cortex XDR agent software contain a vulnerable version of the OpenSSL library, and product availability is impacted by this vulnerability. For PAN-OS software, this includes both hardware and virtual firewalls and Panorama appliances, as well as Prisma Access customers. This vulnerability has reduced severity on the Cortex XDR agent and GlobalProtect app because successful exploitation requires an attacker-in-the-middle (MITM) position; for these products the severity is rated 5.9 (Medium).
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-0778
Affected Vendors
- Palo Alto
- Node.js
Affected Products
- Palo Alto Cortex XDR Agent (all)
- PAN-OS 10.1.5-h1 and earlier
- PAN-OS 10.0.10 and earlier
- PAN-OS 10.2.1 and earlier
- PAN-OS 9.1.13-h3 and earlier
- PAN-OS 9.0.16-hf and earlier
- PAN-OS 8.1.23 and earlier
- OpenSSL 1.1.1
- Node.js 12
- Node.js 14.0
- Node.js 16.0
- Node.js 17.0
- OpenSSL 1.0.2
- OpenSSL 3.0.0
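As an added example that is not part of this Rewterz advisory, the following Python helper triages PAN-OS version strings from an asset inventory against the affected ranges listed above (all hostnames and inventory values are constructed). It assumes that a ceiling whose hotfix number is not stated ("9.0.16-hf") covers every hotfix of that base release, and it reports trains the advisory does not list separately rather than clearing them.

```python
import re
from typing import Optional, Tuple

# Highest affected release per PAN-OS train, from the Affected Products list
# above; anything at or below it within the same train is affected.
AFFECTED_CEILINGS = ["10.2.1", "10.1.5-h1", "10.0.10", "9.1.13-h3", "9.0.16-hf", "8.1.23"]

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\w+))?$")

def parse_panos_version(version: str) -> Tuple[int, int, int, Optional[int]]:
    """(major, minor, patch, hotfix): no suffix -> 0, unnumbered token like 'hf' -> None."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {version!r}")
    major, minor, patch, hotfix = m.groups()
    hotfix_no = 0 if hotfix is None else (int(hotfix) if hotfix.isdigit() else None)
    return int(major), int(minor), int(patch), hotfix_no

def classify(version: str) -> str:
    """Return 'affected', 'not affected' or 'unlisted train' for one version."""
    major, minor, patch, hotfix = parse_panos_version(version)
    for ceiling in AFFECTED_CEILINGS:
        c_major, c_minor, c_patch, c_hotfix = parse_panos_version(ceiling)
        if (major, minor) != (c_major, c_minor):
            continue
        if patch != c_patch:
            return "affected" if patch < c_patch else "not affected"
        # Same base release: decide on the hotfix number. Assumption: a ceiling
        # with no stated number (9.0.16-hf) covers every hotfix of that base, and
        # a device reporting an unnumbered hotfix is flagged rather than cleared.
        if c_hotfix is None or hotfix is None:
            return "affected"
        return "affected" if hotfix <= c_hotfix else "not affected"
    # A train the advisory does not list cannot be judged from this page alone.
    return "unlisted train"

if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    inventory = {
        "fw-edge-01": "10.1.5-h1",  # exactly the ceiling: affected
        "fw-edge-02": "10.1.5-h2",  # later hotfix of the same base: not affected
        "fw-dc-01": "9.0.16-h1",    # ceiling hotfix number unstated: affected
        "panorama-01": "11.0.0",    # train not listed in this advisory
    }
    for device, ver in inventory.items():
        print(f"{device:12} {ver:12} {classify(ver)}")
```

Devices reported as "unlisted train" still need to be checked against the vendor's own advisory, since this page only enumerates the trains shown above.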
Remediation
Refer to the vendor websites to upgrade to the fixed and patched versions here: