Description
Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
Low
Integrity (Vulnerable System)
None
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
High
Integrity (Subsequent System)
High
Availability (Subsequent System)
None
E
Adjacent
AU
None
R
Adjacent
V
D
RE
M
U
Red
Affected products
- Palo Alto Networks / Cloud NGFWAll – All
- Palo Alto Networks / pan-os12.1.6 – 12.1.6
- Palo Alto Networks / pan-os12.1.5 – 12.1.5
- Palo Alto Networks / pan-os12.1.4 – 12.1.4
- Palo Alto Networks / pan-os12.1.4 – 12.1.4
- Palo Alto Networks / pan-os12.1.4 – 12.1.4
- Palo Alto Networks / pan-os12.1.4 – 12.1.4
- Palo Alto Networks / pan-os12.1.3 – 12.1.3
- Palo Alto Networks / pan-os12.1.2 – 12.1.2
- Palo Alto Networks / pan-os11.2.11 – 11.2.11
- Palo Alto Networks / pan-os11.2.10 – 11.2.10
- Palo Alto Networks / pan-os11.2.10 – 11.2.10
- Palo Alto Networks / pan-os11.2.10 – 11.2.10
- Palo Alto Networks / pan-os11.2.10 – 11.2.10
- Palo Alto Networks / pan-os11.2.10 – 11.2.10
- Palo Alto Networks / pan-os11.2.10 – 11.2.10
- Palo Alto Networks / pan-os11.2.10 – 11.2.10
- Palo Alto Networks / pan-os11.2.9 – 11.2.9
- Palo Alto Networks / pan-os11.2.8 – 11.2.8
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.7 – 11.2.7
- Palo Alto Networks / pan-os11.2.6 – 11.2.6
- Palo Alto Networks / pan-os11.2.5 – 11.2.5
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.4 – 11.2.4
- Palo Alto Networks / pan-os11.2.3 – 11.2.3
- Palo Alto Networks / pan-os11.2.2 – 11.2.2
- Palo Alto Networks / pan-os11.2.1 – 11.2.1
- Palo Alto Networks / pan-os11.2.0 – 11.2.0
- Palo Alto Networks / pan-os11.1.14 – 11.1.14
- Palo Alto Networks / pan-os11.1.13 – 11.1.13
- Palo Alto Networks / pan-os11.1.13 – 11.1.13
- Palo Alto Networks / pan-os11.1.13 – 11.1.13
- Palo Alto Networks / pan-os11.1.13 – 11.1.13
- Palo Alto Networks / pan-os11.1.12 – 11.1.12
- Palo Alto Networks / pan-os11.1.11 – 11.1.11
- Palo Alto Networks / pan-os11.1.10 – 11.1.10
- Palo Alto Networks / pan-os11.1.10 – 11.1.10
- Palo Alto Networks / pan-os11.1.10 – 11.1.10
- Palo Alto Networks / pan-os11.1.10 – 11.1.10
- Palo Alto Networks / pan-os11.1.10 – 11.1.10
- Palo Alto Networks / pan-os11.1.10 – 11.1.10
- Palo Alto Networks / pan-os11.1.10 – 11.1.10
- Palo Alto Networks / pan-os11.1.10 – 11.1.10
- Palo Alto Networks / pan-os11.1.10 – 11.1.10
- Palo Alto Networks / pan-os11.1.9 – 11.1.9
- Palo Alto Networks / pan-os11.1.8 – 11.1.8
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.6 – 11.1.6
- Palo Alto Networks / pan-os11.1.5 – 11.1.5
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.4 – 11.1.4
- Palo Alto Networks / pan-os11.1.3 – 11.1.3
- Palo Alto Networks / pan-os11.1.2 – 11.1.2
- Palo Alto Networks / pan-os11.1.1 – 11.1.1
- Palo Alto Networks / pan-os11.1.0 – 11.1.0
- Palo Alto Networks / pan-os10.2.18 – 10.2.18
- Palo Alto Networks / pan-os10.2.18 – 10.2.18
- Palo Alto Networks / pan-os10.2.18 – 10.2.18
- Palo Alto Networks / pan-os10.2.17 – 10.2.17
- Palo Alto Networks / pan-os10.2.16 – 10.2.16
- Palo Alto Networks / pan-os10.2.16 – 10.2.16
- Palo Alto Networks / pan-os10.2.16 – 10.2.16
- Palo Alto Networks / pan-os10.2.16 – 10.2.16
- Palo Alto Networks / pan-os10.2.15 – 10.2.15
- Palo Alto Networks / pan-os10.2.14 – 10.2.14
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.13 – 10.2.13
- Palo Alto Networks / pan-os10.2.12 – 10.2.12
- Palo Alto Networks / pan-os10.2.11 – 10.2.11
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.10 – 10.2.10
- Palo Alto Networks / pan-os10.2.9 – 10.2.9
- Palo Alto Networks / pan-os10.2.8 – 10.2.8
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.7 – 10.2.7
- Palo Alto Networks / pan-os10.2.6 – 10.2.6
- Palo Alto Networks / pan-os10.2.5 – 10.2.5
- Palo Alto Networks / pan-os10.2.4 – 10.2.4
- Palo Alto Networks / pan-os10.2.3 – 10.2.3
- Palo Alto Networks / pan-os10.2.2 – 10.2.2
- Palo Alto Networks / pan-os10.2.1 – 10.2.1
- Palo Alto Networks / pan-os10.2.0 – 10.2.0
- Palo Alto Networks / Prisma Access10.2.0 – 10.2.10-h36
- Palo Alto Networks / Prisma Access11.2.0 – 11.2.7-h13
Exploits & proofs of concept
- nucleiPalo Alto Networks PAN-OS - Authentication Bypassby dhiyaneshdk,sfewer-r7