VYPR

GlobalProtect Clientless VPN

by Paloaltonetworks

CVEs (2)

  • CVE-2021-3056Nov 10, 2021
    risk 0.00cvss epss 0.01

    A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20;…

  • CVE-2020-2005May 13, 2020
    risk 0.00cvss epss 0.01

    A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier…