Vulnerabilities > Paloaltonetworks > Globalprotect > 5.0.5

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-0009 Unspecified vulnerability in Paloaltonetworks Globalprotect
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
local
low complexity
paloaltonetworks
7.8
2020-06-10 CVE-2020-2033 Authentication Bypass by Spoofing vulnerability in Paloaltonetworks Globalprotect
When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability to manipulate ARP or to conduct ARP spoofing attacks.
high complexity
paloaltonetworks CWE-290
5.3
2020-06-10 CVE-2020-2032 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Paloaltonetworks Globalprotect
A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges.
local
high complexity
paloaltonetworks CWE-367
7.0
2020-05-13 CVE-2020-2004 Information Exposure Through Log Files vulnerability in Paloaltonetworks Globalprotect
Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows.
local
low complexity
paloaltonetworks CWE-532
5.5
2020-04-08 CVE-2020-1987 Information Exposure Through Log Files vulnerability in Paloaltonetworks Globalprotect
An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump".
local
low complexity
paloaltonetworks CWE-532
3.3
2020-02-12 CVE-2020-1976 Improper Input Validation vulnerability in Paloaltonetworks Globalprotect
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash.
local
low complexity
paloaltonetworks CWE-20
5.5