GlobalProtect App: Information Exposure Vulnerability When Using Connect Before Logon

CVE-2022-0021

3.3LOW

Key Information

Status
Globalprotect App
Vendor
CVE Published:
9 February 2022

Badges

👾 Exploit Exists

Summary

An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions earlier than 5.2.9 on Windows. This issue does not affect the GlobalProtect app on other platforms.

Affected Version(s)

GlobalProtect App < 5.2.9

GlobalProtect App >= 5.1.*

GlobalProtect App >= 5.3.*

Refferences

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

This issue was found by Rutger Truyers of Palo Alto Networks during internal security review.
.