Palo Alto Networks Security Advisories / PAN-SA-2016-0013

PAN-SA-2016-0013 Captive Portal denial of service


047910
Severity 5.3 · MEDIUM
Attack Vector NETWORK
Scope UNCHANGED
Attack Complexity LOW
Confidentiality Impact NONE
Privileges Required NONE
Integrity Impact NONE
User Interaction NONE
Availability Impact LOW
JSON CSAF
Published 2016-07-14
Updated 2016-07-14
Reference 92413, PAN-SA-2016-0013

Description

You can configure Palo Alto Networks firewalls to host a web-based Captive Portal to authenticate users. A denial of service condition was identified in this subsystem (Ref. 92413).

A third party user could remotely disrupt the captive portal’s operation, provoking a delay before it resumes normal operations.

This issue affects PAN-OS 5.0.18 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.11 and earlier; PAN-OS 7.0.6 and earlier; PAN-OS 7.1.1 and earlier

Product Status

VersionsAffectedUnaffected
PAN-OS 7.1<= 7.1.1>= 7.1.2
PAN-OS 7.0<= 7.0.6>= 7.0.7
PAN-OS 6.1<= 6.1.11>= 6.1.12
PAN-OS 6.0<= 6.0.13>= 6.0.14
PAN-OS 5.0<= 5.0.18>= 5.0.19

Severity: MEDIUM

CVSSv3.1 Base Score: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Solution

PAN-OS 5.0.19 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.12 and later; PAN-OS 7.0.7 and later; PAN-OS 7.1.2 and later

Workarounds and Mitigations

N/A

Acknowledgments

Palo Alto Networks thanks Felix Wilhelm, ERNW Research for discovering and reporting the issue.
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2025 Palo Alto Networks, Inc. All rights reserved.