Palo Alto Networks fixed a high-severity auth bypass flaw in PAN-OS

Palo Alto Networks addressed a high-severity authentication bypass vulnerability affecting the PAN-OS 8.1 software.

Palo Alto Networks released security patches to address a high-severity authentication bypass flaw, tracked as CVE-2022-0030 (CVSS score 8.1), impacting the PAN-OS 8.1 software.

“An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.” reads the advisory published by Palo Alto Networks.

The vulnerability resides in the web interface of its PAN-OS 8.1 software, a network-based attacker with specific knowledge of the targeted firewall or Panorama appliance can exploit the issue to impersonate an existing PAN-OS admin and perform privileged actions.

Below is the list of affected versions:

Versions	Affected	Unaffected
Cloud NGFW	None	All
PAN-OS 10.2	None	All
PAN-OS 10.1	None	All
PAN-OS 10.0	None	All
PAN-OS 9.1	None	All
PAN-OS 9.0	None	All
PAN-OS 8.1	< 8.1.24	>= 8.1.24
Prisma Access	None	All

The flaw was addressed in PAN-OS 8.1.24 and later versions, the company pointed out that PAN-OS 8.1 has reached end-of-life (EOL) and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances until they reach EOL status as well.

The security vendor said it is not aware of any malicious exploitation of this issue.

The flaws are tracked as CVE-2022-37913 and CVE-2022-37914, and they can be exploited remotely by an unauthenticated attacker to obtain admin privileges on the targeted system. An advisory describing the vulnerabilities was published on October 11.

The advisory also informs Aruba customers about a critical unauthenticated remote code execution vulnerability (CVE-2022-37915) affecting the same orchestrator product.

“A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise,” the company said.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, CVE-2022-0030)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.