RSS   Vulnerabilities for 'Globalprotect'   RSS

2019-04-09
 
CVE-2019-1573

CWE-287
 

 
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow an attacker to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.

 
2017-12-11
 
CVE-2017-15870

CWE-284
 

 
Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking."

 
2013-08-31
 
CVE-2012-6606

CWE-310
 

 
Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a crafted certificate.

 

 >>> Vendor: Paloaltonetworks 8 Products
Globalprotect
Netconnect
Pan-os
Expedition
Expedition migration tool
Demisto
Traps
Minemeld


Copyright 2019, cxsecurity.com

 

Back to Top