Description
A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these encrypted credentials are exposed to recipients of the application logs.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
Present
Privileges Required
None
User Interaction
Active
Confidentiality (Vulnerable System)
Low
Integrity (Vulnerable System)
None
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
High
Integrity (Subsequent System)
High
Availability (Subsequent System)
High
AU
None
R
Unchanged
V
D
RE
M
U
Amber
Affected products
- Palo Alto Networks / globalprotect_app6.0.0 – 6.0.8
- Palo Alto Networks / globalprotect_app5.1.0 – 5.1.12
- Palo Alto Networks / globalprotect_app6.1.0 – 6.1.3
- Palo Alto Networks / globalprotect_app6.2.0 – 6.2.3