E19-0rx71
CVSS:
8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
14
Year:
2019
Description
This strike exploits a format string vulnerability on Palo Alto GlobalProtect server.
The flaw resides in the 'sslmgr' endpoint due to lack of user input validation.
A remote unauthenticated attacker may thus crash a vulnerable instance or even execute arbitrary code.