February 4, 2023

Palo Alto Networks patched a high-severity authentication bypass flaw impacting the PAN-OS 8.1 software.

The vulnerability tracked as CVE-2022-0030 with a CVSS score 8.1, resides in the web interface of PAN-OS 8.1 software, a network-based attacker with specific knowledge of the targeted firewall or Panorama appliance can exploit the issue to impersonate an existing PAN-OS admin and perform privileged actions.

Advertisements

The flaw was addressed in PAN-OS 8.1.24 and later versions, the company pointed out that PAN-OS 8.1 has reached end-of-life and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances until they reach EOL status as well.

Palo Alto said it is not aware of any malicious exploitation of this issue.

Leave a Reply

%d bloggers like this: