CVE-2021-3038

MEDIUM

Palo Alto Networks GlobalProtect <5.1.8-5.2.4 - DoS

Title source: llm

Description

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4.

References (1)

[Vendor Advisory] https://security.paloaltonetworks.com/CVE-2021-3038

Scores

CVSS v3 5.5

EPSS 0.0004

EPSS Percentile 13.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-248 CWE-20

Status published

Affected Products (1)

paloaltonetworks/globalprotect < 5.1.8

Timeline

Published Apr 20, 2021

Tracked Since Feb 18, 2026