GlobalProtect App: Information Exposure Vulnerability When Using Connect Before Logon
CVE-2022-0021
3.3LOW
Key Information
- Vendor
- Palo Alto Networks
- Status
- Globalprotect App
- Vendor
- CVE Published:
- 9 February 2022
Badges
👾 Exploit Exists
Summary
An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions earlier than 5.2.9 on Windows. This issue does not affect the GlobalProtect app on other platforms.
Affected Version(s)
GlobalProtect App < 5.2.9
GlobalProtect App >= 5.1.*
GlobalProtect App >= 5.3.*
Refferences
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database
Credit
This issue was found by Rutger Truyers of Palo Alto Networks during internal security review.