Описание
An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenticates it will cause them to access an unexpected and potentially malicious website. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.0 versions earlier than 8.0.14.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.3 Medium
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenticates it will cause them to access an unexpected and potentially malicious website. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.0 versions earlier than 8.0.14.
Уязвимость компонента GlobalProtect операционной системы PAN-OS, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
EPSS
5.3 Medium
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2