VYPR
Vendor

GlobalProtect Openconnect

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2021-45809CriMar 22, 2022
    risk 0.64cvss 9.8epss 0.02

    GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the `--script=` parameter.

  • CVE-2021-45810HigMar 22, 2022
    risk 0.49cvss 7.5epss 0.01

    GlobalProtect-openconnect versions prior to 2.0.0 (exclusive) are affected by incorrect access control in GPService through DBUS, GUI. The way GlobalProtect-Openconnect is set up enables arbitrary users to start a VPN connection to arbitrary servers. By hosting an openconnect…

  • CVE-2019-17436HigOct 16, 2019
    risk 0.46cvss 7.1epss 0.00

    A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite root files on the file system.