CVE-2020-2033Authentication Bypass by Spoofing in Palo Alto Networks Globalprotect APP

CWE-290Authentication Bypass by SpoofingCWE-295Improper Certificate Validation8 documents5 sources
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 69.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Palo Alto Networks Globalprotect APPPaloaltonetworks GlobalprotectPaloalto Globalprotect APP
Timeline
PublishedJun 10
Latest updateMay 24

Description

When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability to manipulate ARP or to conduct ARP spoofing attacks. This allows the attacker to access the GlobalProtect Server as allowed by configured Security rules for the 'pre-login' user. This access may be limited compared to the network access of regular

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages3 packages

NVDpaloaltonetworks/globalprotect5.0.05.0.10+1
CVEListV5palo_alto_networks/globalprotect_app5.15.1.4+1

🔴Vulnerability Details

2
GHSA
GHSA-8p7q-qxxf-h3cm: When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentic2022-05-24
CVEList
GlobalProtect App: Missing certificate validation vulnerability can disclose pre-logon authentication cookie2020-06-10

📋Vendor Advisories

1
Palo Alto
GlobalProtect App: Missing certificate validation vulnerability can disclose pre-logon authentication cookie2020-06-10

💬Community

2
Bugzilla
CVE-2020-12395 Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.82020-05-05
Bugzilla
CVE-2020-12392 Mozilla: Arbitrary local file access with 'Copy as cURL'2020-05-05
CVE-2020-2033 — Authentication Bypass by Spoofing | cvebase