CVE-2012-6606

Published: Aug 31, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a crafted certificate.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20121017 MitM-vulnerability in Palo Alto Networks GlobalProtect

mailing-list

x_refsource_BUGTRAQ

https://security.paloaltonetworks.com/CVE-2012-6606

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-6606

Description

Affected Products

References