Vulnerabilities > Paloaltonetworks > Globalprotect > 5.2.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-14 | CVE-2023-0009 | Unspecified vulnerability in Paloaltonetworks Globalprotect A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges. | 7.8 |
2023-04-12 | CVE-2023-0006 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Paloaltonetworks Globalprotect A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition. | 6.3 |
2022-02-10 | CVE-2022-0016 | Improper Handling of Exceptional Conditions vulnerability in Paloaltonetworks Globalprotect An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. | 6.9 |
2022-02-10 | CVE-2022-0018 | Information Exposure vulnerability in Paloaltonetworks Globalprotect An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration. | 2.6 |
2022-02-10 | CVE-2022-0021 | Information Exposure Through Log Files vulnerability in Paloaltonetworks Globalprotect An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. | 1.9 |