PT-2020-3409 · Palo Alto Networks · Globalprotect Agent

Ahmet Hrnjadovic

Published

2020-04-08

Updated

2021-09-14

CVE-2020-1987

CVSS v2.0

5.2

Medium

Vector

AV:L/AC:L/Au:S/C:P/I:C/A:N

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Global Protect Agent versions prior to 5.0.9 Palo Alto Networks Global Protect Agent versions prior to 5.1.1

Description The issue is related to an information exposure vulnerability in the logging component of the Global Protect Agent. This vulnerability allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump".

Recommendations For versions prior to 5.0.9, update to version 5.0.9 or later to resolve the issue. For versions prior to 5.1.1, update to version 5.1.1 or later to resolve the issue. As a temporary workaround, consider changing the troubleshooting logging level from "Dump" to prevent information exposure until a patch is applied.

Fix

Insertion into Log File

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532CWE-200

Related Identifiers

BDU:2020-03732

CVE-2020-1987

Affected Products

Globalprotect Agent

PT-2020-3409 · Palo Alto Networks · Globalprotect Agent

CVE-2020-1987

Weakness Enumeration

Related Identifiers

Affected Products

References · 4