Palo Alto Networks Security Advisories / PAN-SA-2016-0013

PAN-SA-2016-0013 Captive Portal denial of service

Severity 5.3 · MEDIUM
Attack Vector NETWORK
Attack Complexity LOW
Privileges Required NONE
User Interaction NONE
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact LOW


You can configure Palo Alto Networks firewalls to host a web-based Captive Portal to authenticate users. A denial of service condition was identified in this subsystem (Ref. 92413).

A third party user could remotely disrupt the captive portal’s operation, provoking a delay before it resumes normal operations.

This issue affects PAN-OS 5.0.18 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.11 and earlier; PAN-OS 7.0.6 and earlier; PAN-OS 7.1.1 and earlier

Product Status

PAN-OS 7.1<= 7.1.1>= 7.1.2
PAN-OS 7.0<= 7.0.6>= 7.0.7
PAN-OS 6.1<= 6.1.11>= 6.1.12
PAN-OS 6.0<= 6.0.13>= 6.0.14
PAN-OS 5.0<= 5.0.18>= 5.0.19

Severity: MEDIUM

CVSSv3.1 Base Score: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Weakness Type


PAN-OS 5.0.19 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.12 and later; PAN-OS 7.0.7 and later; PAN-OS 7.1.2 and later

Workarounds and Mitigations



Felix Wilhelm, ERNW Research
© 2020 Palo Alto Networks, Inc. All rights reserved.