{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Information Disclosure in GlobalProtect App"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2019-1573","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-08T08:09:22.512Z","generator":{"date":"2026-04-08T08:09:22.512Z","engine":{"name":"Vulnogram","version":"0.0.9"}},"id":"CVE-2019-1573","initial_release_date":"2019-04-09T17:45:00.000Z","revision_history":[{"number":"1","date":"2019-04-09T09:00:00.000Z","summary":"Initial publication"},{"number":"2","date":"2020-04-08T09:00:00.000Z","summary":"Update CVSS score to be accurate, since the attack vector is local and an attacker should have already compromised the user machine and have the ability inspect memory."}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[]}]},"vulnerabilities":[{"cve":"CVE-2019-1573","product_status":{"fixed":["PANW-GlobalProtect-App-83"],"known_affected":["PANW-GlobalProtect-App-82"],"known_not_affected":["PANW-GlobalProtect-App-84"]},"notes":[{"category":"description","text":"An information disclosure vulnerability exists in the GlobalProtect App for Windows and macOS (VU#192371).\nSuccessful exploitation of this issue would allow a local authenticated attacker to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user. An attacker should have already compromised the end user account and gained the ability to inspect memory in order to obtain these tokens.\n\nThis issue affects GlobalProtect App 4.1.0 for Windows and GlobalProtect App 4.1.10 and earlier for macOS. GlobalProtect App for macOS 5.0 is NOT affected."}],"references":[{"category":"external","summary":"NVD - CVE-2019-1573","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1573"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2019-1573","url":"https://security.paloaltonetworks.com/CVE-2019-1573"}],"threats":[{"category":"impact","description":"An information disclosure vulnerability exists in the GlobalProtect App for Windows and macOS (VU#192371).\nSuccessful exploitation of this issue would allow a local authenticated attacker to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user. An attacker should have already compromised the end user account and gained the ability to inspect memory in order to obtain these tokens.\n\nThis issue affects GlobalProtect App 4.1.0 for Windows and GlobalProtect App 4.1.10 and earlier for macOS. GlobalProtect App for macOS 5.0 is NOT affected."}],"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.5,"baseSeverity":"LOW"},"products":["PANW-GlobalProtect-App-82"]}]}]}