An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address.
2024-02-14T18:15:47.503
2024-12-09T15:13:34.713
Analyzed
CVSSv3.1: 6.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | paloaltonetworks | pan-os | 11.0.0 | Yes |
| Operating System | paloaltonetworks | pan-os | 11.0.0 | Yes |
| Operating System | paloaltonetworks | pan-os | 11.0.0 | Yes |
| Operating System | paloaltonetworks | pan-os | 11.0.0 | Yes |
| Operating System | paloaltonetworks | pan-os | 11.0.0 | Yes |
| Operating System | paloaltonetworks | pan-os | < 10.2.4 | Yes |