Palo Alto Networks GlobalProtect 6.0.3 for Windows

CPE Details

Palo Alto Networks GlobalProtect 6.0.3 for Windows
paloaltonetworks
globalprotect
6.0.3
2023-06-05
11h20 +00:00
2023-06-05
12h02 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:paloaltonetworks:globalprotect:6.0.3:*:*:*:*:windows:*:*

Informations

Vendor

paloaltonetworks

Product

globalprotect

Version

6.0.3

Target Software

windows

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-9473 2024-10-09 17h07 +00:00 A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.
5.2
Moyen
CVE-2024-8687 2024-09-11 16h40 +00:00 An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.
6.9
Moyen
CVE-2024-5915 2024-08-14 16h40 +00:00 A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges.
5.2
Moyen
CVE-2024-5908 2024-06-12 16h28 +00:00 A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these encrypted credentials are exposed to recipients of the application logs.
5.5
Moyen
CVE-2024-3661 2024-05-06 18h31 +00:00 DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
7.6
Haute
CVE-2023-0009 2023-06-14 16h31 +00:00 A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
7.8
Haute
CVE-2023-0006 2023-04-12 16h41 +00:00 A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.
6.3
Moyen