CVE-2022-0030

Summary

An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPAN-OS9.0 Allunaffected
Palo Alto NetworksPAN-OS9.1 Allunaffected
Palo Alto NetworksPAN-OS10.1 Allunaffected
Palo Alto NetworksPAN-OS10.2 Allunaffected
Palo Alto NetworksPAN-OS10.0 Allunaffected
Palo Alto NetworksPAN-OS8.1 < 8.1.24affected
Palo Alto NetworksCloud NGFWAllunaffected
Palo Alto NetworksPrisma AccessAllunaffected

Weaknesses

  • CWE-290: CWE-290 Authentication Bypass by Spoofing

Workarounds

Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat ID 92720 (Applications and Threats content update 8630-7638).

To exploit this issue, the attacker must have network access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References