cbcvebase.
CVE-2024-2431
published 2024-03-13

CVE-2024-2431: An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to…

PriorityP419medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
EPSS
0.15%
4.9th percentile
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.

Affected

9 ranges
VendorProductVersion rangeFixed in
palo_alto_networksglobalprotect_app>= 5.1 < 5.1.125.1.12
palo_alto_networksglobalprotect_app>= 5.2 < 5.2.135.2.13
palo_alto_networksglobalprotect_app>= 6.0 < 6.0.46.0.4
palo_alto_networksglobalprotect_app>= 6.1 < 6.1.16.1.1
paloaltoglobalprotect_app
paloaltonetworksglobalprotect
paloaltonetworksglobalprotect>= 5.1.0 < 5.1.125.1.12
paloaltonetworksglobalprotect5.2.0 – 5.2.13
paloaltonetworksglobalprotect>= 6.0.0 < 6.0.46.0.4
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.