Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
globalprotect vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-7409
Palo Alto Networks PAN-OS prior to 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674.
Paloaltonetworks Pan-os
8.1
CVSSv3
CVE-2020-2034
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based malicious user to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be ...
Paloaltonetworks Pan-os
2 Github repositories
1 Article
7.5
CVSSv3
CVE-2016-3656
The GlobalProtect Portal in Palo Alto Networks PAN-OS prior to 5.0.18, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.10, and 7.0.x prior to 7.0.5H2 allows remote malicious users to cause a denial of service (service crash) via a crafted request.
Paloaltonetworks Pan-os
6.1
CVSSv3
CVE-2017-9467
Cross-site scripting (XSS) vulnerability in the GlobalProtect external interface in Palo Alto Networks PAN-OS prior to 6.1.18, 7.x prior to 7.0.16, 7.1.x prior to 7.1.11, and 8.x prior to 8.0.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified v...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 7.0.7
Paloaltonetworks Pan-os 7.0.9
Paloaltonetworks Pan-os 7.1.0
Paloaltonetworks Pan-os 7.1.2
Paloaltonetworks Pan-os 7.1.7
Paloaltonetworks Pan-os 7.1.9
Paloaltonetworks Pan-os 7.0.2
Paloaltonetworks Pan-os 7.0.3
Paloaltonetworks Pan-os 7.0.4
Paloaltonetworks Pan-os 7.0.5
Paloaltonetworks Pan-os 7.0.6
Paloaltonetworks Pan-os 7.1.3
Paloaltonetworks Pan-os 7.1.4
Paloaltonetworks Pan-os 7.1.4-h2
Paloaltonetworks Pan-os 7.1.6
Paloaltonetworks Pan-os 7.0.11
Paloaltonetworks Pan-os 7.0.12
Paloaltonetworks Pan-os 7.0.13
Paloaltonetworks Pan-os 7.0.14
Paloaltonetworks Pan-os 8.0.0
Paloaltonetworks Pan-os 8.0.1
9.8
CVSSv3
CVE-2016-3657
Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS prior to 5.0.18, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.10, and 7.0.x prior to 7.0.5 allows remote malicious users to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL...
Paloaltonetworks Pan-os
10
CVSSv3
CVE-2020-2021
When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based malicious...
Paloaltonetworks Pan-os
3 Github repositories
1 Article
6.1
CVSSv3
CVE-2017-12416
Cross-site scripting (XSS) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS prior to 6.1.18, 7.0.x prior to 7.0.17, 7.1.x prior to 7.1.12, and 8.0.x prior to 8.0.3 allows remote malicious users to inject arbitrary web script ...
Paloaltonetworks Pan-os 8.0.1
Paloaltonetworks Pan-os 7.1.8
Paloaltonetworks Pan-os 7.1.0
Paloaltonetworks Pan-os 7.0.2
Paloaltonetworks Pan-os 7.0.4
Paloaltonetworks Pan-os 7.0.9
Paloaltonetworks Pan-os 7.0.11
Paloaltonetworks Pan-os 7.1.2
Paloaltonetworks Pan-os 7.1.3
Paloaltonetworks Pan-os 7.1.4
Paloaltonetworks Pan-os 7.0.0
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 7.1.11
Paloaltonetworks Pan-os 7.1.10
Paloaltonetworks Pan-os 7.1.9
Paloaltonetworks Pan-os 7.1.6
Paloaltonetworks Pan-os 7.0.5
Paloaltonetworks Pan-os 7.0.6
Paloaltonetworks Pan-os 7.0.7
Paloaltonetworks Pan-os 7.0.8
Paloaltonetworks Pan-os 8.0.0
Paloaltonetworks Pan-os 8.0.2
5.4
CVSSv3
CVE-2020-1993
The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's session ID. This issue affects: All PAN-OS 7.1 and 8.0 versions; PAN-OS 8.1 versi...
Paloaltonetworks Pan-os
9.8
CVSSv3
CVE-2017-9458
XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS prior to 6.1.18, 7.0.x prior to 7.0.17, 7.1.x prior to 7.1.12, and 8.0.x prior to 8.0.3 allows remote malicious users to obtain sensitive information,...
Paloaltonetworks Pan-os 7.0.4
Paloaltonetworks Pan-os 7.0.5
Paloaltonetworks Pan-os 7.0.6
Paloaltonetworks Pan-os 7.0.7
Paloaltonetworks Pan-os 7.1.8
Paloaltonetworks Pan-os 7.1.9
Paloaltonetworks Pan-os 7.1.10
Paloaltonetworks Pan-os 7.1.11
Paloaltonetworks Pan-os 7.0.1
Paloaltonetworks Pan-os 7.0.3
Paloaltonetworks Pan-os 7.0.8
Paloaltonetworks Pan-os 7.0.10
Paloaltonetworks Pan-os 7.1.4
Paloaltonetworks Pan-os 7.1.6
Paloaltonetworks Pan-os 8.0.1
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 7.0.12
Paloaltonetworks Pan-os 7.1.0
Paloaltonetworks Pan-os 7.1.1
Paloaltonetworks Pan-os 7.1.2
Paloaltonetworks Pan-os 7.1.3
Paloaltonetworks Pan-os 7.0.0
6.1
CVSSv3
CVE-2020-2005
A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »