PT-2019-4014 · Palo Alto · Palo Alto GlobalProtect Agent for Linux
Hanno Heinrichs · Published 2019-10-15 · Updated 2023-03-23 · CVE-2019-17436
CVSS v3.1: 7.1 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Palo Alto GlobalProtect Agent for Linux versions 5.0.4 and earlier
Palo Alto GlobalProtect Agent for Linux versions 4.1.12 and earlier
Palo Alto GlobalProtect Agent for MacOS versions 5.0.4 and earlier
Palo Alto GlobalProtect Agent for MacOS versions 4.1.12 and earlier
Description
The issue is related to insufficient access control in corporate VPN applications, which can be exploited to elevate privileges. A local privilege escalation exists that can allow non-root users to overwrite root files on the file system.
Recommendations
For GlobalProtect Agent for Linux version 5.0.4 and earlier, update to a version later than 5.0.4 to resolve the issue.
For GlobalProtect Agent for Linux version 4.1.12 and earlier, update to a version later than 4.1.12 to resolve the issue.
For GlobalProtect Agent for MacOS version 5.0.4 and earlier, update to a version later than 5.0.4 to resolve the issue.
For GlobalProtect Agent for MacOS version 4.1.12 and earlier, update to a version later than 4.1.12 to resolve the issue.
Weakness Enumeration
Improper Privilege Management
Affected Products
Palo Alto GlobalProtect Agent for Linux
Palo Alto GlobalProtect Agent for MacOS