Paloaltonetworks

Globalprotect

37 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2024-8687

  • EPSS 0.37%
  • Veröffentlicht 11.09.2024 17:15:14
  • Zuletzt bearbeitet 03.10.2024 00:26:56

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the passwo...

7.8

CVE-2024-5915

  • EPSS 0.13%
  • Veröffentlicht 14.08.2024 17:15:18
  • Zuletzt bearbeitet 20.08.2024 16:23:10

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges.

7.5

CVE-2024-5908

  • EPSS 0.32%
  • Veröffentlicht 12.06.2024 17:15:53
  • Zuletzt bearbeitet 21.11.2024 09:48:33

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are include...

7.6

CVE-2024-3661

Medienbericht Exploit
  • EPSS 2.48%
  • Veröffentlicht 06.05.2024 19:15:11
  • Zuletzt bearbeitet 15.01.2025 16:50:28

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local...

7

CVE-2024-2432

  • EPSS 0.39%
  • Veröffentlicht 13.03.2024 18:15:08
  • Zuletzt bearbeitet 26.09.2025 19:10:56

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploi...

5.5

CVE-2024-2431

  • EPSS 0.05%
  • Veröffentlicht 13.03.2024 18:15:08
  • Zuletzt bearbeitet 26.09.2025 19:11:17

An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.

7.8

CVE-2023-0009

  • EPSS 0.05%
  • Veröffentlicht 14.06.2023 17:15:09
  • Zuletzt bearbeitet 21.11.2024 07:36:23

A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.

6.3

CVE-2023-0006

  • EPSS 0.04%
  • Veröffentlicht 12.04.2023 17:15:07
  • Zuletzt bearbeitet 21.11.2024 07:36:22

A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.

5.5

CVE-2022-0021

  • EPSS 0.05%
  • Veröffentlicht 10.02.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:37:50

An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This...

5.5

CVE-2022-0019

  • EPSS 0.04%
  • Veröffentlicht 10.02.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:37:49

An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other...