GlobalProtect Portal Version Disclosure (PAN-SA-2016-0026)

Last revised: 10/04/2016

Summary

A Palo Alto Networks firewall configured to host the GlobalProtect Portal advertises its running PAN-OS version. (Ref # PAN-60568/99786)

Severity: Low

This information disclosure does not lead to a device compromise or a disallowed access.

Products Affected

PAN-OS 7.0.9 and earlier; PAN-OS 7.1.4 and earlier

Available Updates

PAN-OS 7.0.10 and later; PAN-OS 7.1.5 and later

Workarounds and Mitigations

The GlobalProtect Portal requires installation on only a single device of the entire security architecture. Customers concerned by this information disclosure can choose to disable the web interface portal in order to deflect attention away from the presence of GlobalProtect.

Acknowledgements

Mikail Tunç