Globalprotect@5.1 Security Vulnerabilities and Issues — Globalprotect@5.1 CVE List

Lucene search

PaloaltonetworksGlobalprotect5.1

8 matches found

CVE•added 2022/02/10 6:15 p.m.•88 views

CVE-2022-0019

An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentia...

5.5CVSS5AI score0.00039EPSS

CVE•added 2024/10/09 5:15 p.m.•80 views

CVE-2024-9473

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalP...

7.8CVSS7.9AI score0.00048EPSS

CVE•added 2024/06/12 5:15 p.m.•76 views

CVE-2024-5908

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purpos...

7.5CVSS7.5AI score0.00238EPSS

CVE•added 2022/02/10 6:15 p.m.•72 views

CVE-2022-0017

An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This iss...

7.8CVSS7.4AI score0.00119EPSS

CVE•added 2021/10/13 4:15 p.m.•69 views

CVE-2021-3057

A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalP...

9.3CVSS8.3AI score0.00695EPSS

CVE•added 2022/02/10 6:15 p.m.•64 views

CVE-2022-0018

An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration. This product behav...

6.5CVSS6.2AI score0.00253EPSS

CVE•added 2020/04/08 7:15 p.m.•48 views

CVE-2020-1987

An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". This issue affects Palo Alto Networks Global Protect Agent 5.0 versions...

3.9CVSS3.5AI score0.00107EPSS

CVE•added 2020/04/08 7:15 p.m.•42 views

CVE-2020-1989

An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. This issue affects Palo Alto Networks Global Protect Agent for Li...

7.8CVSS7.2AI score0.00109EPSS