CVE-2020-1987 GlobalProtect App: VPN cookie local information disclosure

Severity: 2.8 · LOW
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE

Description

An information exposure vulnerability in the logging component of Palo Alto Networks GlobalProtect App allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump".

This issue affects Palo Alto Networks GlobalProtect App 5.0 versions prior to 5.0.9; 5.1 versions prior to 5.1.1.

Product Status

| Versions | Affected | Unaffected |
| --- | --- | --- |
| GlobalProtect App 5.1 | < 5.1.1 | >= 5.1.1 |
| GlobalProtect App 5.0 | < 5.0.9 | >= 5.0.9 |

Severity: LOW

CVSSv3.1 Base Score: 2.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N)

Weakness Type

CWE-215 Information Exposure Through Debug Information

Solution

This issue is fixed in GlobalProtect App 5.0.9, GlobalProtect App 5.1.1 and all later versions.
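
To triage an endpoint inventory against the version ranges in this advisory, a check along these lines can be used. This is an added example, not Palo Alto Networks code; the inventory rows, hostnames and the handling of a `-build` suffix are assumptions.

```python
import re

# Fixed release per affected branch, taken from the advisory's Product Status.
FIXED = {(5, 0): (5, 0, 9), (5, 1): (5, 1, 1)}

def parse_version(text):
    """Return (major, minor, patch) from strings like '5.1.0' or '5.0.8-14'.

    Assumption: a '-build' suffix does not affect the comparison, and a
    missing patch component is treated as 0.
    """
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?(?:-\w+)?\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def status(version_text):
    """Classify one GlobalProtect App version against CVE-2020-1987."""
    try:
        v = parse_version(version_text)
    except ValueError:
        return "unparseable"
    fixed = FIXED.get(v[:2])
    if fixed is not None:
        return "affected" if v < fixed else "fixed"
    # Solution section: fixed in 5.0.9, 5.1.1 "and all later versions".
    # Branches older than 5.0 are not covered by the advisory.
    return "fixed" if v[:2] > max(FIXED) else "not-listed"

def triage(inventory):
    """Return ({host: status}, sorted list of hosts that need an upgrade)."""
    results = {host: status(ver) for host, ver in inventory}
    needs_upgrade = sorted(h for h, s in results.items() if s == "affected")
    return results, needs_upgrade

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("lt-001", "5.0.8-14"),
    ("lt-002", "5.0.9"),
    ("lt-003", "5.1.0"),
    ("lt-004", "5.1.1-12"),
    ("lt-005", "5.2.4"),
    ("lt-006", "unknown"),
]

if __name__ == "__main__":
    results, needs_upgrade = triage(SAMPLE)
    for host, s in results.items():
        print(f"{host}: {s}")
    print("upgrade:", ", ".join(needs_upgrade))
```

A host flagged `affected` exposes cookie information only while the troubleshooting logging level is set to "Dump", so that setting is worth checking alongside the upgrade.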

Workarounds and Mitigations

Acknowledgments

Palo Alto Networks thanks Ahmet Hrnjadovic for discovering and reporting this issue.

Timeline

Initial publication