{"id":2146,"date":"2022-08-24T15:57:53","date_gmt":"2022-08-24T07:57:53","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=2146"},"modified":"2023-02-13T10:37:40","modified_gmt":"2023-02-13T02:37:40","slug":"cisa%e5%b0%b1palo-alto%e9%98%b2%e7%81%ab%e7%89%86%e7%9a%84-pan-os%e6%bc%8f%e6%b4%9e%e7%9a%84%e9%81%ad%e9%a7%ad%e5%ae%a2%e7%a9%8d%e6%a5%b5%e9%96%8b%e6%8e%a1%ef%bc%8c%e7%99%bc%e5%87%ba%e8%ad%a6%e5%91%8a","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=2146","title":{"rendered":"CISA\u5c31Palo Alto\u9632\u706b\u7246\u7684 PAN-OS\u6f0f\u6d1e\u7684\u906d\u99ed\u5ba2\u7a4d\u6975\u958b\u63a1\uff0c\u767c\u51fa\u8b66\u544a\uff0c\u4e26\u5c07\u5176\u6dfb\u52a0\u5230\u5df2\u77e5\u906d\u6feb\u7528\u4e4b\u6f0f\u6d1e\u6e05\u55ae"},"content":{"rendered":"\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"865\" height=\"487\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/08\/image-32.png\" alt=\"\" class=\"wp-image-2147\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/08\/image-32.png 865w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/08\/image-32-300x169.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/08\/image-32-768x432.png 768w\" sizes=\"auto, (max-width: 865px) 100vw, 865px\" \/><\/figure>\n\n\n\n<p>\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40\uff08<a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/current-activity\/2022\/08\/22\/cisa-adds-one-known-exploited-vulnerabilities-catalog\">CISA<\/a>\uff09\u9031\u4e00(8\/22)\u5c07\u5f71\u97ffPalo Alto Networks PAN-OS \u7684\u5b89\u5168\u6f0f\u6d1e\u6dfb\u52a0\u5230\u5176<a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">\u5df2\u77e5\u906d\u6feb\u7528\u4e4b\u6f0f\u6d1e\u6e05\u55ae<\/a>(Known Exploited Vulnerabilities Catalog\uff09\u4e2d\u3002\u6f0f\u6d1e\u7de8\u865fCVE-2022-0028\uff08\u6f0f\u6d1e\u98a8\u96aa\u503c8.6\uff09\u662f\u4e00\u7a2eURL \u904e\u6ffe\u653f\u7b56\u932f\u8aa4\u914d\u7f6e\u7684\u9ad8\u56b4\u91cd\u6027\u6f0f\u6d1e\uff0c\u53ef\u5141\u8a31\u672a\u7d93\u8eab\u4efd\u9a57\u8b49\u7684\u9060\u7aef\u653b\u64ca\u8005\u57f7\u884c\u53cd\u5c04\u548c\u653e\u5927\u7684 TCP \u963b\u65b7\u670d\u52d9\uff08Reflected Amplification Denial-of-Service, RDoS\uff09\u653b\u64ca\u3002\u91dd\u5c0d\u653b\u64ca\u8005\u9078\u64c7\u7684\u76ee\u6a19\uff0cDoS \u653b\u64ca\u4f3c\u4e4e\u6e90\u81ea Palo Alto Networks PA \u7cfb\u5217\u8a2d\u5099\u3001VM \u7cfb\u5217\uff08\u865b\u64ec\uff09\u548c CN \u7cfb\u5217\uff08\u5bb9\u5668\u5f0f\uff09\u9632\u706b\u7246\u3002<\/p>\n\n\n\n<p>\u8a72\u4f9b\u61c9\u5546\u8868\u793a\u6700\u8fd1\u7372\u6089\uff0c\u591a\u5bb6\u4f9b\u61c9\u5546\u7684\u9632\u706b\u7246\u88ab\u6feb\u7528\u4f86\u9032\u884c\u5206\u4f48\u5f0f\u963b\u65b7\u670d\u52d9 (DDoS)<a> <\/a>\u653b\u64ca\uff0c\u4f46\u5b83\u6c92\u6709\u900f\u9732\u53d7\u5f71\u97ff\u516c\u53f8\u7684\u540d\u7a31\uff0cPalo Alto\u7684\u8cc7\u5b89\u901a\u544a<a href=\"https:\/\/security.paloaltonetworks.com\/CVE-2022-0028\">\u63d0\u53ca<\/a>\uff0c\u9019\u7a2e\u4f01\u5716\u653b\u64ca\u5229\u7528\u4e86\u4f86\u81ea\u591a\u500b\u4f9b\u61c9\u5546\u7684\u6613\u53d7\u653b\u64ca\u7684\u9632\u706b\u7246\uff0c\u5305\u62ecPalo Alto Networks\u5728\u5167\uff0cPalo Alto\u7684\u8cc7\u5b89\u901a\u544a\u7a31\uff0c\u5118\u7ba1\u6f0f\u6d1e\u88ab\u5229\u7528\uff0c\u4f46\u9019\u500b\u554f\u984c\u4e0d\u6703\u5f71\u97ff\u5176\u7522\u54c1\u7684\u6a5f\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u6216\u53ef\u7528\u6027\u3002 \u7136\u800c\uff0c\u7531\u6b64\u6f0f\u6d1e\u7522\u751f\u7684\u963b\u65b7\u670d\u52d9 (DoS) \u653b\u64ca\u53ef\u80fd\u6709\u52a9\u65bc\u6df7\u6dc6\u653b\u64ca\u8005\u7684\u8eab\u4efd\uff0c\u4e26\u5c07\u9632\u706b\u7246\u4f5c\u70ba\u653b\u64ca\u7684\u4f86\u6e90\u3002<\/p>\n\n\n\n<p>CVE-2022-0028\u9019\u9805\u6f0f\u6d1e\u5f71\u97ff\u9069\u7528\u65bc PA \u7cfb\u5217\u3001VM \u7cfb\u5217\u548c CN \u7cfb\u5217\u8a2d\u5099\u7684\u4ee5\u4e0b PAN-OS \u7248\u672c:<\/p>\n\n\n\n<p>PAN-OS 10.2\uff0810.2.2-h2 \u4ee5\u524d\u7684\u7248\u672c\uff09<\/p>\n\n\n\n<p>PAN-OS 10.1\uff0810.1.6-h6 \u4ee5\u524d\u7684\u7248\u672c\uff09<\/p>\n\n\n\n<p>PAN-OS 10.0\uff0810.0.11-h1 \u4ee5\u524d\u7684\u7248\u672c\uff09<\/p>\n\n\n\n<p>PAN-OS 9.1\uff089.1.14-h4 \u4ee5\u524d\u7684\u7248\u672c\uff09<\/p>\n\n\n\n<p>PAN-OS 9.0\uff089.0.16-h3 \u4ee5\u524d\u7684\u7248\u672c\uff09<\/p>\n\n\n\n<p>PAN-OS 8.1\uff088.1.23-h1 \u4ee5\u524d\u7684\u7248\u672c\uff09<\/p>\n\n\n\n<p>\u4ee5\u53caCloud NGFW\u3001Prisma Access<\/p>\n\n\n\n<p>\u64da Palo Alto Networks \u7a31\uff0c\u6f0f\u6d1e\u4e26\u4e0d\u5f71\u97ff Panorama M \u7cfb\u5217\u6216 Panorama \u865b\u64ec\u6a5f\u5668\uff0cCVE-2022-0028\u4e5f\u5df2\u4f5c\u70baPalo Alto\u672c\u6708\u767c\u5e03\u7684\u66f4\u65b0\u4e00\u90e8\u5206\u5f97\u5230\u89e3\u6c7a\u3002<\/p>\n\n\n\n<p>\u9451\u65bc\u99ed\u5ba2\u7a4d\u6975\u958b\u63a1\uff0cCISA\u5efa\u8b70\u53d7\u5f71\u97ff\u7522\u54c1\u7684\u7528\u6236\u61c9\u7528\u76f8\u95dc\u4fee\u88dc\u4ee5\u6e1b\u8f15\u6f5b\u5728\u5a01\u8105\uff0c\u4e26\u4e0b\u4ee4\u7f8e\u570b\u806f\u90a6\u6c11\u4e8b\u884c\u653f\u90e8\uff08FCEB\uff09\u5fc5\u9808\u5728 2022 \u5e74 9 \u6708 12 \u65e5\u4e4b\u524d\u66f4\u65b0\u5230\u6700\u65b0\u7248\u672c\u3002<\/p>\n\n\n\n<p>\u00a0&#8220;\u8f49\u8cbc\u3001\u5206\u4eab\u6216\u5f15\u7528\u6587\u7ae0\u5167\u5bb9\uff0c\u8acb\u8a3b\u660e\u51fa\u8655\u70ba\u7ae3\u76df\u79d1\u6280\u00a0<a href=\"https:\/\/www.billows.com.tw\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.billows.com.tw<\/a>\u00a0, \u4ee5\u514d\u89f8\u6cd5&#8221;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40\uff08CISA\uff09\u9031\u4e00(8\/22)\u5c07\u5f71\u97ffPalo Alto Networks PAN-O <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=2146\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[174],"class_list":["post-2146","post","type-post","status-publish","format-standard","hentry","category-6","tag-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2146","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2146"}],"version-history":[{"count":2,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2146\/revisions"}],"predecessor-version":[{"id":2409,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2146\/revisions\/2409"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2146"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2146"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2146"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}