PT-2022-2179 · Palo Alto Networks · PAN-OS

Published 2022-03-09 · Updated 2022-03-12 · CVE-2022-0022

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Palo Alto Networks PAN-OS versions 8.1 through 8.1.20
Palo Alto Networks PAN-OS versions 9.0
Palo Alto Networks PAN-OS versions 9.1 through 9.1.10
Palo Alto Networks PAN-OS versions 10.0 through 10.0.6

Description

Palo Alto Networks PAN-OS software uses a weak cryptographic algorithm for the password hashes of administrator and local user accounts. This weakness allows password cracking attacks against accounts in normal operational mode. To exploit the issue, an attacker must have access to the account password hashes, which can be acquired by gaining access to the PAN-OS software configuration.

Recommendations

For PAN-OS 8.1 versions earlier than 8.1.21, update to version 8.1.21 or later.
For all versions of PAN-OS 9.0, update to a fixed version of PAN-OS software.
For PAN-OS 9.1 versions earlier than 9.1.11, update to version 9.1.11 or later.
For PAN-OS 10.0 versions earlier than 10.0.7, update to version 10.0.7 or later.

Fix


Weakness Enumeration

Related Identifiers

BDU:2022-02204
CVE-2022-0022

Affected Products

PAN-OS