An advisory published by Palo Alto Networks on October 12 informs customers about a high-severity authentication bypass vulnerability affecting the web interface of its PAN-OS 8.1 software. The security hole is tracked as CVE-2022-0030.
According to the company, a network-based attacker with specific knowledge of the targeted firewall or Panorama appliance can impersonate an existing PAN-OS admin and perform privileged actions.
PAN-OS 8.1.24 and later versions patch the vulnerability, but the vendor noted that PAN-OS 8.1 has reached end of life (EOL) and is supported only on certain firewalls and appliances until they reach EOL status as well.
