vulnerability

Palo Alto Networks PAN-SA-2016-0005 (CVE-2016-3657): Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Feb 24, 2016	Oct 12, 2016	Jun 17, 2020

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Feb 24, 2016

Added

Oct 12, 2016

Modified

Jun 17, 2020

Description

Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL VPN request.

Solutions

palo-alto-networks-pan-os-upgrade-5-0palo-alto-networks-pan-os-upgrade-6-0palo-alto-networks-pan-os-upgrade-6-1palo-alto-networks-pan-os-upgrade-7-0

References

NVD-CVE-2016-3657
URL-https://securityadvisories.paloaltonetworks.com

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today