Palo Alto Networks · Globalprotect Agent · CVE-2020-1987
**Name of the Vulnerable Software and Affected Versions**
Palo Alto Networks Global Protect Agent versions prior to 5.0.9
Palo Alto Networks Global Protect Agent versions prior to 5.1.1
**Description**
The issue is related to an information exposure vulnerability in the logging component of the Global Protect Agent. This vulnerability allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump".
**Recommendations**
For versions prior to 5.0.9, update to version 5.0.9 or later to resolve the issue.
For versions prior to 5.1.1, update to version 5.1.1 or later to resolve the issue.
As a temporary workaround, consider changing the troubleshooting logging level from "Dump" to prevent information exposure until a patch is applied.