Palo Alto Networks Security Advisories / CVE-2022-0030

CVE-2022-0030 PAN-OS: Authentication Bypass in Web Interface

047910
Severity 8.1 · HIGH
Attack Vector NETWORK
Scope UNCHANGED
Attack Complexity HIGH
Confidentiality Impact HIGH
Privileges Required NONE
Integrity Impact HIGH
User Interaction NONE
Availability Impact HIGH

Description

An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.

Product Status

VersionsAffectedUnaffected
Cloud NGFW NoneAll
PAN-OS 10.2NoneAll
PAN-OS 10.1NoneAll
PAN-OS 10.0NoneAll
PAN-OS 9.1NoneAll
PAN-OS 9.0NoneAll
PAN-OS 8.1< 8.1.24>= 8.1.24
Prisma Access NoneAll

Severity:HIGH

CVSSv3.1 Base Score:8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Weakness Type

CWE-290 Authentication Bypass by Spoofing

Solution

This issue is fixed in PAN-OS 8.1.24 and all later PAN-OS versions.

Please note that PAN-OS 8.1 has reached its software end-of-life (EoL) and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances and only until each of their respective hardware EoL dates: https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates.html.

Workarounds and Mitigations

Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat ID 92720 (Applications and Threats content update 8630-7638).

To exploit this issue, the attacker must have network access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices.

Acknowledgments

Palo Alto Networks thanks the security researcher that discovered and reported this issue.

Timeline

Initial publication
© 2022 Palo Alto Networks, Inc. All rights reserved.