QID 730490
Date Published: 2022-05-12
QID 730490: Palo Alto Networks (PAN-OS) Improper Neutralization Vulnerability (PAN-177551)
PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls.
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially executes arbitrary code with root privileges when the configuration is committed. Both hardware and virtual firewalls are affected.
Affected Versions:
PAN-OS 10.1 versions earlier than PAN-OS 10.1.5
PAN-OS 10.0 versions earlier than PAN-OS 10.0.10
PAN-OS 9.1 versions earlier than PAN-OS 9.1.13
PAN-OS 9.0 versions earlier than PAN-OS 9.0.16
PAN-OS 8.1 versions earlier than PAN-OS 8.1.23
QID Detection Logic (Authenticated):
This QID looks for a vulnerable version of PAN-OS.
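A version check of this kind can be sketched as follows. This is an added example, not Qualys' or Palo Alto Networks' detection code. It compares versions numerically, because a string comparison would rank 10.0.9 above 10.0.10. The "-hN" hotfix suffix handling, the function names and the sample inventory are assumptions.

```python
import re

# First fixed release per affected branch, from the "Affected Versions" list.
FIXED = {
    (10, 1): (10, 1, 5),
    (10, 0): (10, 0, 10),
    (9, 1): (9, 1, 13),
    (9, 0): (9, 0, 16),
    (8, 1): (8, 1, 23),
}

# Assumed version format: major.minor.maintenance with optional "-hN" hotfix.
_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_panos_version(text):
    """Return (major, minor, maintenance, hotfix) or raise ValueError."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    major, minor, maint, hotfix = m.groups()
    return int(major), int(minor), int(maint), int(hotfix or 0)


def assess(version_text):
    """Classify a version as 'vulnerable', 'fixed' or 'not-listed'."""
    major, minor, maint, _hotfix = parse_panos_version(version_text)
    fixed = FIXED.get((major, minor))
    if fixed is None:
        # Branch is not in the advisory's list; do not guess either way.
        return "not-listed"
    # Fixed releases are plain maintenance versions, so a hotfix on an
    # earlier maintenance release (e.g. 10.1.4-h4) is still below the fix.
    return "vulnerable" if (major, minor, maint) < fixed else "fixed"


if __name__ == "__main__":
    # Constructed inventory for illustration, not real devices.
    inventory = {"fw-edge-01": "10.1.4-h4", "fw-dc-02": "9.1.13", "fw-lab-03": "8.1.22"}
    for host, ver in inventory.items():
        print(f"{host}\t{ver}\t{assess(ver)}")
```

A "not-listed" result means the branch does not appear in this entry's affected list and should be checked against the vendor advisory rather than treated as safe.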
Refer to PAN-177551 for more information about patching this vulnerability.
Workaround:
This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.
- PAN-177551: security.paloaltonetworks.com/CVE-2022-0024
CVEs related to QID 730490
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| PAN-177551 | | | |