Palo Alto Networks Security Advisories / PAN-SA-2016-0026

PAN-SA-2016-0026 GlobalProtect Portal Version Disclosure

Severity 0 · NONE
Attack Vector Not applicable
Scope Not applicable
Attack Complexity Not applicable
Confidentiality Impact NONE
Privileges Required Not applicable
Integrity Impact NONE
User Interaction Not applicable
Availability Impact NONE


A Palo Alto Networks firewall configured to host the GlobalProtect Portal advertises its running PAN-OS version. (Ref # PAN-60568/99786)

This information disclosure does not lead to a device compromise or a disallowed access.

This issue affects PAN-OS 7.0.9 and earlier; PAN-OS 7.1.4 and earlier

Product Status

PAN-OS 7.1<= 7.1.4>= 7.1.5
PAN-OS 7.0<= 7.0.9>= 7.0.10


CVSSv3.1 Base Score:0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N)

Weakness Type


PAN-OS 7.0.10 and later; PAN-OS 7.1.5 and later

Workarounds and Mitigations

The GlobalProtect Portal requires installation on only a single device of the entire security architecture. Customers concerned by this information disclosure can choose to disable the web interface portal in order to deflect attention away from the presence of GlobalProtect.


Mikail Tunç
© 2023 Palo Alto Networks, Inc. All rights reserved.