Dear Teneo Customer,
Palo Alto Networks have released this emergency content update which includes signatures to address recently patched security vulnerabilities affecting the PAN-OS GlobalProtect portal and device management API.
Customers are advised to upgrade PAN-OS as described in Palo Alto Networks Security Advisory PAN-SA-2016-0002 through PAN-SA-2016-0005 (see https://securityadvisories.paloaltonetworks.com/ for details). New vulnerability protection signatures 38902, 38903, and 38904 may be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded.
Note that signatures 38902 and 38903 must be applied to a firewall rule securing traffic destined for the GlobalProtect portal, and 38904 must be applied to traffic destined for the device management web interface in order to be effective. Devices that have upgraded to the latest PAN-OS versions as specified in Security Advisory PAN-SA-2016-0002 through PAN-SA-2016-0005 need not apply these signatures for protection.
For help in properly applying these signatures, please see KB article: https://live.paloaltonetworks.com/t5/Threat-Articles/Stopgap-Mitigations-Against-PAN-SA-2016-0002-PAN-SA-2016-0003/ta-p/73509.
Modified Decoders (1)
New Vulnerability Signatures (3)
Severity ID Attack Name CVE ID Vendor ID Default Action Minimum PAN-OS Version
high 38902 Buffer overflow vulnerability in PAN-OS GlobalProtect SSL VPN portal alert 4.0.0
high 38903 Stack exhaustion vulnerability in PAN-OS GlobalProtect SSL VPN portal alert 4.0.0
high 38904 Unauthenticated command execution in PAN-OS device management API alert 4.0.0
What if I need help?
If you have any questions regarding this notification please don’t hesitate to reach out to us, or visit our support portal.
You can contact us on our 24 x 7 support number or mail us firstname.lastname@example.org
EMEA: +44 (0)845 299 0623
US: +1 877 836 3610
APAC: +61 1800 765 389