CVE-2012-6606
N/A
N/A
Summary
Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a crafted certificate.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://archives.neohapsis.com/archives/bugtraq/2012-10/0100.html
- https://security.paloaltonetworks.com/CVE-2012-6606
References
- http://archives.neohapsis.com/archives/bugtraq/2012-10/0100.html
- https://security.paloaltonetworks.com/CVE-2012-6606
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.