Palo Alto Networks GlobalProtect 5.3.1 for Linux

CPE Details

Palo Alto Networks GlobalProtect 5.3.1 for Linux
paloaltonetworks
globalprotect
5.3.1
2021-10-14
16h56 +00:00
2021-10-15
11h10 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:paloaltonetworks:globalprotect:5.3.1:*:*:*:*:linux:*:*

Informations

Vendor

paloaltonetworks

Product

globalprotect

Version

5.3.1

Target Software

linux

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-3661 2024-05-06 18h31 +00:00 DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
7.6
Haute
CVE-2022-0019 2022-02-10 18h10 +00:00 An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user’s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms.
5.5
Moyen