CVE-2022-0019

Published at:
2022-02-10T18:15:08.687
Source: [email protected]

Global infos:

An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user’s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms.

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityHIGH
    Attack VectorLOCAL
    Availability ImpactNONE
    Base Score4.7
    Base SeverityMEDIUM
    Confidentiality ImpactHIGH
    Integrity ImpactNONE
    Privileges RequiredLOW
    ScopeUNCHANGED
    User InteractionNONE
    Vector StringCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
    Exploitability Score1
    Impact Score3.6
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords