2 matches found
CVE-2021-45809
GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the --script=...
CVE-2021-45809
The CVE-2021-45809 entry affects GlobalProtect-openconnect versions prior to 1.4.3, due to incorrect access control in GPService via DBus and the GUI application. This flaw allows arbitrary users to run root commands by supplying the --script=[removed] parameter, indicating a high-severity privil...