Palo Alto Networks introduced new features in our Customer Support Portal (CSP) that address security concerns related to support.paloaltonetworks.com. A security researcher informed us that it was possible to brute-force our user registration process and potentially register an unauthorized individual support account linked to a customer.
Customers who enabled the requirement of “super-user approval”on their support accounts would have been notified of attempts to create new accounts linked to their respective CSP account. However, we are aware that not all customers have adopted this setting.
Therefore, to mitigate potential brute-forcing, we have added a captcha feature that requires input from the user during the registration process on the CSP.
As an additional security measure, we’ve made the “super-user approval” requirement the default setting within the CSP. We suggest that all customers keep this requirement as the default setting, so they are notified when a new account is created within their CSP account.
Should you have any questions about this advisory, please contact Palo Alto Networks Support Team at support.paloaltonetworks.com.
Palo Alto Networks Product Security Incident Response Team