CVE-2019-1573 — Sensitive Information in Resource Not Removed Before Reuse in Palo Alto Networks Globalprotect Agent

CWE-226 — Sensitive Information in Resource Not Removed Before Reuse CWE-311 — Missing Encryption of Sensitive Data CWE-200 — Sensitive Information Exposure4 documents4 sources

Severity

2.5LOWNVD

EPSS

0.2%

top 54.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Globalprotect Agent Paloaltonetworks Globalprotect Paloalto Globalprotect APP

Timeline

PublishedApr 9

Latest updateMay 13

Description

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.0 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5palo_alto_networks/globalprotect_agent4.1 — 4.1.0

▶NVDpaloaltonetworks/globalprotect4.1.0+1

▶Palo Altopaloalto/globalprotect_app

🔴Vulnerability Details

GHSA

GHSA-2xxh-hp4f-fg97: GlobalProtect Agent 4↗2022-05-13

▶

CVEList

Information Disclosure in GlobalProtect Agent↗2019-04-09

▶

📋Vendor Advisories

Palo Alto

Information Disclosure in GlobalProtect App↗2019-04-09

▶