CVE-2022-0028
Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
CVSS
—
No CVSS
EPSS
2.1%
p80
KEV
YES
Aug 22, 2022
Exploit Today
74
0-100
Published: — · Last modified: —
2.0%EPSS · 30 days2.1%
2026-06-302026-07-17
Product
Palo Alto Networks / PAN-OS
Vulnerability
Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
Added to KEV
Aug 22, 2022
Remediate by
Sep 12, 2022
Known ransomware use
No
Summary description
A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.
Required action
Apply updates per vendor instructions.
Notes
https://security.paloaltonetworks.com/CVE-2022-0028; https://nvd.nist.gov/vuln/detail/CVE-2022-0028
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2024-3400—100.0%
KEV—80Palo Alto Networks PAN-OS Command Injection Vulnerability—CVE-2024-0012—100.0%
KEV—80Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability—CVE-2025-0108—99.9%
KEV—80Palo Alto Networks PAN-OS Authentication Bypass Vulnerability—CVE-2017-15944—99.9%
KEV—80Palo Alto Networks PAN-OS Remote Code Execution Vulnerability—CVE-2024-9474—99.8%
KEV—80Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability—CVE-2026-0257—99.7%
KEV—80Palo Alto Networks PAN-OS Authentication Bypass Vulnerability—