Palo Alto Networks patched a high-severity authentication bypass flaw impacting the PAN-OS 8.1 software.
The vulnerability tracked as CVE-2022-0030 with a CVSS score 8.1, resides in the web interface of PAN-OS 8.1 software, a network-based attacker with specific knowledge of the targeted firewall or Panorama appliance can exploit the issue to impersonate an existing PAN-OS admin and perform privileged actions.
Advertisements
The flaw was addressed in PAN-OS 8.1.24 and later versions, the company pointed out that PAN-OS 8.1 has reached end-of-life and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances until they reach EOL status as well.
Palo Alto said it is not aware of any malicious exploitation of this issue.
