PT-2022-4506 · Palo Alto Networks · GlobalProtect
Josh Wisely +1 · Published 2022-02-09 · Updated 2022-02-17 · CVE-2022-0019
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Palo Alto Networks GlobalProtect app versions prior to 5.1.10 on Linux
Palo Alto Networks GlobalProtect app versions prior to and including 5.2.7 on Linux
Palo Alto Networks GlobalProtect app versions prior to 5.3.2 on Linux
Description
An insufficiently protected credentials issue exists in the Palo Alto Networks GlobalProtect app on Linux. It exposes to other local users the hashed credentials of GlobalProtect users who saved their password during previous sessions. A local attacker can use the exposed hashed credentials to authenticate to the GlobalProtect portal or gateway as the target user without knowing the target user's plaintext password.
Recommendations
For GlobalProtect app versions prior to 5.1.10 on Linux, update to version 5.1.10 or later.
For GlobalProtect app versions prior to and including 5.2.7 on Linux, update to a version later than 5.2.7.
For GlobalProtect app versions prior to 5.3.2 on Linux, update to version 5.3.2 or later.
Fix
Insufficiently Protected Credentials
Weakness Enumeration
Related Identifiers
Affected Products
GlobalProtect