A Palo Alto Networks firewall configured to host the GlobalProtect Portal advertises its running PAN-OS version. (Ref # PAN-60568/99786)
This information disclosure does not lead to a device compromise or a disallowed access.
This issue affects PAN-OS 7.0.9 and earlier; PAN-OS 7.1.4 and earlier
Versions | Affected | Unaffected |
---|---|---|
PAN-OS 7.1 | <= 7.1.4 | >= 7.1.5 |
PAN-OS 7.0 | <= 7.0.9 | >= 7.0.10 |
CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N)
PAN-OS 7.0.10 and later; PAN-OS 7.1.5 and later
The GlobalProtect Portal requires installation on only a single device of the entire security architecture. Customers concerned by this information disclosure can choose to disable the web interface portal in order to deflect attention away from the presence of GlobalProtect.