Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | GlobalProtect App | affected |
|
|||||||||
| Palo Alto Networks | GlobalProtect App | affected |
|
|||||||||
| Palo Alto Networks | GlobalProtect App | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Vendor Solution
This issue is fixed in GlobalProtect app 5.1.9 on Windows, GlobalProtect app 5.2.8 on Windows and on Universal Windows Platform, GlobalProtect app 5.3.1 on Linux, and all later GlobalProtect app versions.
Vendor Workaround
There are no known workarounds for this issue.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-26409 | A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux. |
| Link | Providers |
|---|---|
| https://security.paloaltonetworks.com/CVE-2021-3057 |
|
No history.
MITRE
Status: PUBLISHED
Assigner: palo_alto
Published:
Updated: 2024-09-17T01:35:48.767Z
Reserved: 2021-01-06T00:00:00.000Z
Link: CVE-2021-3057
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-10-13T16:15:07.783
Modified: 2024-11-21T06:20:52.090
Link: CVE-2021-3057
Redhat
No data.
OpenCVE Enrichment
No data.