CVE-2022-0030 - OpenCVE

An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Paloaltonetworks	Pan-os

Configuration 1 [-]

cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://security.paloaltonetworks.com/CVE-2022-0030

History

No history.

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2022-10-12T16:30:12.300627Z

Updated: 2024-09-16T20:36:43.575Z

Reserved: 2021-12-28T00:00:00

Link: CVE-2022-0030

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-10-12T17:15:10.493

Modified: 2022-10-14T15:33:50.897

Link: CVE-2022-0030

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-0030", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "datePublished": "2022-10-12T16:30:12.300627Z", "dateUpdated": "2024-09-16T20:36:43.575Z", "dateReserved": "2021-12-28T00:00:00"}, "containers": {"cna": {"title": "PAN-OS: Authentication Bypass in Web Interface", "datePublic": "2022-10-12T00:00:00", "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2022-10-12T00:00:00"}, "descriptions": [{"lang": "en", "value": "An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions."}], "affected": [{"vendor": "Palo Alto Networks", "product": "PAN-OS", "versions": [{"version": "9.0 All", "status": "unaffected"}, {"version": "9.1 All", "status": "unaffected"}, {"version": "10.1 All", "status": "unaffected"}, {"version": "10.2 All", "status": "unaffected"}, {"version": "10.0 All", "status": "unaffected"}, {"version": "8.1", "status": "affected", "lessThan": "8.1.24", "versionType": "custom", "changes": [{"at": "8.1.24", "status": "unaffected"}]}]}, {"vendor": "Palo Alto Networks", "product": "Cloud NGFW", "versions": [{"version": "All", "status": "unaffected"}]}, {"vendor": "Palo Alto Networks", "product": "Prisma Access", "versions": [{"version": "All", "status": "unaffected"}]}], "references": [{"url": "https://security.paloaltonetworks.com/CVE-2022-0030"}], "credits": [{"lang": "en", "value": "Palo Alto Networks thanks the security researcher that discovered and reported this issue."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-290 Authentication Bypass by Spoofing", "cweId": "CWE-290"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"defect": ["PAN-195571"], "discovery": "EXTERNAL"}, "workarounds": [{"lang": "en", "value": "Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat ID 92720 (Applications and Threats content update 8630-7638).\n\nTo exploit this issue, the attacker must have network access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices."}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "timeline": [{"lang": "en", "time": "2022-10-12T00:00:00", "value": "Initial publication"}], "solutions": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.24 and all later PAN-OS versions.\n\nPlease note that PAN-OS 8.1 has reached its software end-of-life (EoL) and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances and only until each of their respective hardware EoL dates: https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates.html."}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:18:41.402Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2022-0030", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7D77695-CFDE-4BAE-8C8B-E389CC5C7A3F", "versionEndExcluding": "8.1.24", "versionStartIncluding": "8.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions."}, {"lang": "es", "value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en la interfaz web de Palo Alto Networks PAN-OS versi\u00f3n 8.1, permite a un atacante basado en la red con conocimientos espec\u00edficos del firewall o dispositivo Panorama de destino hacerse pasar por un administrador de PAN-OS existente y llevar a cabo acciones privilegiadas"}], "id": "CVE-2022-0030", "lastModified": "2022-10-14T15:33:50.897", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2022-10-12T17:15:10.493", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2022-0030"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-290"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}