Palo Alto Networks Security Advisories / CVE-2012-6606

CVE-2012-6606 Man-in-the-middle Vulnerability in GlobalProtect App

047910
Severity 6.8 · MEDIUM
Attack Vector NETWORK
Scope UNCHANGED
Attack Complexity HIGH
Confidentiality Impact HIGH
Privileges Required NONE
Integrity Impact HIGH
User Interaction REQUIRED
Availability Impact NONE

Description

A vulnerability exists in NetConnect (all version) and GlobalPortect App (1.1.6 and earlier) whereby the agent does not verify the certificate presented by the portal server, enabling a possible Man-in-the-middle attack.

This vulnerability can result in an agent connecting to an attacker-controlled server allowing the attacker to receive the username and password of the affected user.

This issue affects NetConnect (all versions); GlobalProtect App (1.1.6 and earlier).

Product Status

VersionsAffectedUnaffected
GlobalProtect App 1.1<= 1.1.6>= 1.1.7
NetConnectAll

Severity: MEDIUM

CVSSv3.1 Base Score: 6.8 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N)

Weakness Type

CWE-310

Solution

GlobalProtect app 1.1.7 and later; NetConnect is discontinued.

Workarounds and Mitigations

No mitigations available.

© 2024 Palo Alto Networks, Inc. All rights reserved.