CVE-2020-1987 GlobalProtect Agent: VPN cookie local information disclosure

Severity 2.8 · LOW
Attack Vector LOCAL
Attack Complexity LOW
Privileges Required LOW
User Interaction REQUIRED
Scope UNCHANGED
Confidentiality Impact LOW
Integrity Impact NONE
Availability Impact NONE

Description

An information exposure vulnerability in the logging component of Palo Alto Networks GlobalProtect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump".

This issue affects Palo Alto Networks GlobalProtect Agent 5.0 versions prior to 5.0.9; 5.1 versions prior to 5.1.1.

Product Status

Versions                  Affected    Unaffected
GlobalProtect Agent 5.1   < 5.1.1     >= 5.1.1
GlobalProtect Agent 5.0   < 5.0.9     >= 5.0.9

Severity: LOW

CVSSv3.1 Base Score: 2.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N)

Weakness Type

CWE-215 Information Exposure Through Debug Information

Solution

This issue is fixed in GlobalProtect Agent 5.0.9, GlobalProtect Agent 5.1.1 and all later versions.
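
The following is an added example, not code from Palo Alto Networks: a fleet triage check that classifies reported agent versions against the affected ranges and fixed releases stated in this advisory. The host names, the sample version strings (including the build-suffix form) and the function names are constructed for illustration; branches above 5.1 are treated as fixed on the basis of the "all later versions" wording, and branches below 5.0 are reported as not listed because the advisory does not mention them.

```python
import re

# Fixed release per affected branch, taken from the Product Status table.
FIXED = {(5, 0): (5, 0, 9), (5, 1): (5, 1, 1)}

# major.minor.patch, optionally followed by a build suffix such as "-101"
# (the suffix form is an assumption about how an inventory reports versions).
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)(?:[-.]\w+)*\s*$")


def classify(version):
    """Return 'affected', 'fixed', 'not-listed' or 'unparsable'."""
    m = _VERSION_RE.match(version or "")
    if not m:
        return "unparsable"
    # Compare as integer tuples: as strings, "5.0.10" would sort below "5.0.9".
    parsed = tuple(int(p) for p in m.groups())
    fixed = FIXED.get(parsed[:2])
    if fixed is None:
        # Later branches inherit the fix; earlier ones are outside the advisory.
        return "fixed" if parsed[:2] > max(FIXED) else "not-listed"
    return "affected" if parsed < fixed else "fixed"


def triage(inventory):
    """Group host names by classification of their reported agent version."""
    report = {}
    for host, version in inventory.items():
        report.setdefault(classify(version), []).append(host)
    return {status: sorted(hosts) for status, hosts in report.items()}


# Constructed inventory: host name -> reported GlobalProtect Agent version.
SAMPLE_INVENTORY = {
    "lt-0001": "5.0.8",
    "lt-0002": "5.0.10",
    "lt-0003": "5.1.0-101",
    "lt-0004": "5.1.1",
    "lt-0005": "5.2.3",
    "lt-0006": "4.1.13",
    "lt-0007": "unknown",
}

if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{status:11s} {', '.join(hosts)}")
```

Hosts reported as affected are also the ones where log bundles collected while the logging level was "Dump" should be handled as containing VPN cookie information.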

Workarounds and Mitigations

Acknowledgments

Palo Alto Networks thanks Ahmet Hrnjadovic for discovering and reporting this issue.

Timeline

Initial publication
© 2020 Palo Alto Networks, Inc. All rights reserved.