ASA-2019-00460 – Palo Alto GlobalProtect Portal/Gateway Interface: Unauthenticated remote code execution due to format string vulnerability

There's an unauthenticated remote code execution (RCE) vulnerability in Palo Alto Networks GlobalProtect Portal and GlobalProtect Gateway interface products. The vulnerability is a format string issue during parameter extraction when connecting to /sslmgr.