Palo Alto Networks GlobalProtect Session Fixation Vulnerability in SAML Authentication

Vulnerability

A session fixation vulnerability has been identified in the GlobalProtect login flow when SAML authentication is used. It allows an attacker to impersonate a legitimate user and perform actions on that user's behalf. Exploitation requires the user to click a malicious link supplied by the attacker. This issue does not affect SAML login for the PAN-OS management interface, Cloud NGFW, or Prisma Access instances, which have been proactively patched.

Impact

Exploitation of this vulnerability allows for session fixation, enabling an attacker to impersonate a legitimate user and perform actions as that user within GlobalProtect.

Remediation

Upgrade to a fixed version of PAN-OS. For specific upgrade instructions, refer to the Palo Alto Networks documentation. As a workaround, consider using a different authentication method for the GlobalProtect portal, such as Client Certificate Authentication, RADIUS, TACACS+, LDAP, or Kerberos.
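The following Python sketch is an added illustration of the general session fixation pattern the advisory describes; it is not Palo Alto Networks' code and does not show how GlobalProtect is implemented. It assumes the SAML assertion has already been validated elsewhere and that the portal tracks users in an in-memory session table (the `SessionStore` class and its methods are hypothetical names). It contrasts a login handler that keeps the pre-authentication session identifier (the pattern that makes fixation possible) with one that discards it and issues a fresh identifier only after the assertion is accepted (the standard mitigation).

```python
import secrets


class SessionStore:
    """Constructed in-memory stand-in for a portal's session table.
    Maps session id -> record; record['user'] is None until login."""

    def __init__(self):
        self._sessions = {}

    def new_session(self):
        # Pre-authentication session, e.g. created when a login link is opened.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": None}
        return sid

    def user_for(self, sid):
        rec = self._sessions.get(sid)
        return rec["user"] if rec else None

    def login_keeps_session(self, sid, asserted_user):
        """Fixation-prone pattern: the SAML assertion is accepted, but the
        session id that existed before login is kept and simply upgraded.
        Anyone who already knew `sid` (because they planted it before the
        victim authenticated) now holds an authenticated session."""
        if sid not in self._sessions:
            raise KeyError("unknown session")
        self._sessions[sid]["user"] = asserted_user
        return sid

    def login_rotates_session(self, sid, asserted_user):
        """Hardened pattern: drop the pre-auth session entirely and bind the
        authenticated user to a freshly generated id. Any id known before
        login no longer resolves to a session afterwards."""
        self._sessions.pop(sid, None)
        fresh = self.new_session()
        self._sessions[fresh]["user"] = asserted_user
        return fresh


def compare_patterns(asserted_user="alice"):
    """Run both handlers on a session id created before login and report
    whether that pre-auth id is still usable afterwards."""
    fixable = SessionStore()
    pre = fixable.new_session()
    fixable.login_keeps_session(pre, asserted_user)

    hardened = SessionStore()
    pre2 = hardened.new_session()
    fresh = hardened.login_rotates_session(pre2, asserted_user)

    return {
        "keeps_session_pre_auth_id_valid": fixable.user_for(pre) == asserted_user,
        "rotates_session_pre_auth_id_valid": hardened.user_for(pre2) == asserted_user,
        "rotates_session_new_id_valid": hardened.user_for(fresh) == asserted_user,
    }


if __name__ == "__main__":
    for name, value in compare_patterns().items():
        print(f"{name}: {value}")
```

Rotating the identifier at the authentication boundary is what a defender should look for when reviewing any SSO login handler, and it is independent of which authentication backend (SAML, RADIUS, LDAP, Kerberos) sits behind the portal.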

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 1.3
exploitability: 5.8
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 5.7
incentive: 1.7

Our algorithm analyzes dozens of metrics to produce these eight vulnerability categories, which are then combined into the overall risk score.