Palo Alto Networks GlobalProtect X.509 Certificate Validation Security Bypass Vulnerability

Palo Alto Networks GlobalProtect is prone to a security-bypass vulnerability because the application fails to properly validate X.509 certificates.

Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions.

Palo Alto Networks GlobalProtect 1.1.5 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus