Palo Alto Networks GlobalProtect 4.1.0 for Windows

CPE Details

Palo Alto Networks GlobalProtect 4.1.0 for Windows
paloaltonetworks
globalprotect
4.1.0
2020-02-04
17h30 +00:00
2020-02-04
17h30 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:paloaltonetworks:globalprotect:4.1.0:*:*:*:*:windows:*:*

Informations

Vendor

paloaltonetworks

Product

globalprotect

Version

4.1.0

Target Software

windows

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-3661 2024-05-06 18h31 +00:00 DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
7.6
Haute
CVE-2023-0009 2023-06-14 16h31 +00:00 A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
7.8
Haute
CVE-2020-1988 2020-04-08 18h41 +00:00 An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program Files directory to gain system privileges. This issue affects Palo Alto Networks GlobalProtect Agent 5.0 versions before 5.0.5; 4.1 versions before 4.1.13 on Windows;
6.7
Moyen
CVE-2019-17435 2019-10-16 16h06 +00:00 A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and earlier, and GlobalProtect Agent for Windows 4.1.12 and earlier, in which the auto-update feature can allow for modification of a GlobalProtect Agent MSI installer package on disk before installation.
5.5
Moyen
CVE-2019-1573 2019-04-09 21h04 +00:00 GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.
2.5
Bas