CVE-2017-15870

Published: Dec 11, 2017Modified: May 13, 2026

6.7

Vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking."

Affected (1)

Products: Paloaltonetworks: Globalprotect

Paloaltonetworks

1 product

Globalprotect

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Paloaltonetworks Globalprotect	Up to 4.0.2

References (4)

http://www.securityfocus.com/bid/102083

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://security.paloaltonetworks.com/CVE-2017-15870

Source: cve@mitre.org

http://www.securityfocus.com/bid/102083

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://security.paloaltonetworks.com/CVE-2017-15870

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.