Encrypted User Credentials Exposed in Application Logs
CVE-2024-5908

5.5MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Globalprotect App
Vendor: CVE Published:; 12 June 2024

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2024-5908?

A security concern has been identified within the Palo Alto Networks GlobalProtect application. This issue allows for the exposure of encrypted user credentials within application logs that, while generally accessible only to local users, can compromise sensitive information when logs are shared for troubleshooting. Such logs can potentially be viewed by unintended recipients, posing risks to user privacy and data security. It is crucial for organizations using the GlobalProtect application to implement recommended measures to mitigate exposure and protect sensitive user credentials.

Affected Version(s)

GlobalProtect App 5.1.0 < 5.1.12

GlobalProtect App 6.0.0 < 6.0.8

GlobalProtect App 6.1.0 < 6.1.3

References

https://security.paloaltonetworks.com/CVE-2024-5908

vendor-advisory

CVSS V4

Score:

5.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Aug 9, 2024
Vulnerability published
Jun 12, 2024

Credit

Palo Alto Networks thanks Denis Faiustov and Ruslan Sayfiev of GMO Cybersecurity by IERAE for discovering and reporting this issue.

CVE-2024-5908 Data

JSON