Palo Alto Networks Security Advisories / PAN-SA-2016-0026

PAN-SA-2016-0026 GlobalProtect Portal Version Disclosure

047910
Severity 0 · NONE
Attack Vector NETWORK
Attack Complexity LOW
Privileges Required NONE
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact NONE

Description

A Palo Alto Networks firewall configured to host the GlobalProtect Portal advertises its running PAN-OS version. (Ref # PAN-60568/99786)

This information disclosure does not lead to a device compromise or a disallowed access.

This issue affects PAN-OS 7.0.9 and earlier; PAN-OS 7.1.4 and earlier

Product Status

VersionsAffectedUnaffected
PAN-OS 7.1<= 7.1.4>= 7.1.5
PAN-OS 7.0<= 7.0.9>= 7.0.10

Severity: NONE

CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N)

Weakness Type

Solution

PAN-OS 7.0.10 and later; PAN-OS 7.1.5 and later

Workarounds and Mitigations

The GlobalProtect Portal requires installation on only a single device of the entire security architecture. Customers concerned by this information disclosure can choose to disable the web interface portal in order to deflect attention away from the presence of GlobalProtect.

Acknowledgments

Mikail Tunç
© 2020 Palo Alto Networks, Inc. All rights reserved.