CVE-2022-36067 (Protection against JavaScript Sandbox RCE) is it cover in any Palo Alto Signature

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

CVE-2022-36067 (Protection against JavaScript Sandbox RCE) is it cover in any Palo Alto Signature

L4 Transporter

Just want to know CVE-2022-36067 is it cover in any Palo Alto Signature ? 

I tried to search it in Threat Vault and Security Advisories also do not have information related to this CVE is that means Palo Alto firewall will not detect this vulnerability? 

1 accepted solution

Accepted Solutions

A signature (TID: 93195) for the vulnerability (CVE-2022-36067) was released in content version 8639.
https://threatvault.paloaltonetworks.com/?query=93195&type=

View solution in original post

8 REPLIES 8

L5 Sessionator

Currently, Palo Alto Networks is researching on the vulnerability. There's no signature available yet.

 

For your reference: "A vulnerability/CVE is released; when will the vulnerability signature[IPS] be released? Why do some CVEs not have vulnerability signatures? What is default action?"
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HAOnCAO

 

When there's an update, I can share the status here.

Hi Ymiyashita, 

 

Thanks for your reply, according to the KB does it mean the signature will available soon? 

 

Hi @JiaXiang,

 

Regarding this particular vulnerability (CVE-2022-36067), Palo Alto Networks is still researching on it. At this time, there's no ETA.

Hi @ymiyashita ,

 

Any update for this CVE-2022-36067 ? 

Do you know usually for 1 vulnerability need how much time to research? 

Currently, we are evaluating the potential coverage for CVE-2022-36067.
The time frame of the signature release really depends on the each vulnerabilities.
For a signature coverage request in general, you may want to open a support case (from the next time onwards) so that Palo Alto Networks can know how many customers are requesting for the coverage.

A signature (TID: 93195) for the vulnerability (CVE-2022-36067) was released in content version 8639.
https://threatvault.paloaltonetworks.com/?query=93195&type=

Thank you for your update.

L0 Member

Thanks for the link.

Thanks for the link. It might be useful to take into account https://bestcasinoplay.ca/online-casinos/no-download-casinos/ while attempting to determine whether a specific online casino is right for you. This will enable you to make a well-informed choice. Following a comprehensive analysis of the gaming sites,
  • 1 accepted solution
  • 3786 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!