NVD

Id
47287  
Name
CVE-2012-6606  
Description
Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a crafted certificate.  
Reject
 
CVSS Version
2  
CVSS Score
5.8  
Severity
Medium  
CVSS Base Score
5.8  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-19  
Published
2013-08-31  
Modified Date
2014-03-05  
Seq
2012-6606  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
236426 47287 CVE-2012-6606 20121017 MitM-vulnerability in Palo Alto Networks GlobalProtect  View
236427 47287 CVE-2012-6606 https://securityadvisories.paloaltonetworks.com/Home/Detail/18  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30350 JVNDB-2012-006058 Palo Alto Networks GlobalProtect および NetConnect におけるポータルサーバになりすまされる脆弱性 Palo Alto Networks GlobalProtect および NetConnect は、SSL サーバからの X.509 証明書を検証しないため、ポータルサーバになりすまされる、および重要な情報を取得される脆弱性が存在します。 CVE-2012-6606 59844 CVE-2012-6606 47287 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-006058.html 2012-10-22 2013-09-04 View