Severity by source
AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks GlobalProtect™ app allows certain packets to remain unencrypted instead of being properly secured within the tunnel.
An attacker with physical access to the network can inject rogue devices to intercept these packets. Under normal operating conditions, the GlobalProtect app automatically recovers from this interception within one minute.
Analysis
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks GlobalProtect™ app allows certain packets to remain unencrypted instead of being properly secured within the tunnel.
An attacker with physical access to the network can inject rogue devices to intercept these packets. Under normal operating conditions, the GlobalProtect app automatically recovers from this interception within one minute.
Technical ContextAI
This vulnerability is classified as Cleartext Transmission of Sensitive Information (CWE-319).
RemediationAI
Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.
Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote
Palo Alto Networks PAN-OS management web interface contains an authentication bypass allowing unauthenticated attackers
Palo Alto Networks Expedition contains an unauthenticated OS command injection vulnerability that allows attackers to ex
Remote code execution in Palo Alto Networks PAN-OS User-ID Authentication Portal (Captive Portal) allows unauthenticated
Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x b
Authentication bypass in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS allows remote attackers to es
Palo Alto Networks PAN-OS management interface contains an authenticated file read vulnerability allowing reading of fil
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access t
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to exe
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitra
Same technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-18244