CVE-2022-0018 — Sensitive Info Insertion into Sent Data in Palo Alto Networks GlobalProtect App
CWE classifications tagged on this page:
CWE-201 — Sensitive Info Insertion into Sent Data
CWE-200 — Sensitive Information Exposure
CWE-476 — NULL Pointer Dereference
CWE-369 — Divide By Zero
CWE-824 — Access of Uninitialized Pointer
CWE-99 — Resource Injection
CWE-430 — Deployment of Wrong Handler
CWE-754 — Improper Check for Unusual or Exceptional Conditions
CWE-416 — Use After Free
CWE-1288 — Improper Validation of Consistency within Input
CWE-362 — Race Condition
CWE-20 — Improper Input Validation
CWE-628 — Function Call with Incorrectly Specified Arguments
Of these, only CWE-201 and its parent CWE-200 match the information-exposure behaviour described below; the remaining tags name memory-safety and input-validation weaknesses that do not describe this CVE.
Severity
NVD: 6.5 MEDIUM
CNA: 6.1
EPSS: 0.3% (percentile: top 51.31%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products: none listed on this page
Timeline
Published: Feb 10, 2022
Latest update: Dec 24
Description
An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration. This product behavior is intentional and poses no security risk when connecting to trusted GlobalProtect portals configured to use the same Single Sign-On credentials both for the local user account as well as the Globa…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability subscore: 2.8 | Impact subscore: 3.6
Read together with the description: the exposure needs no privileges (PR:N) and is reachable over the network (AV:N), but it requires the user to connect to a portal (UI:R), and the impact is confidentiality only (C:H, I:N, A:N). The risk is therefore that the local account credentials are sent to a GlobalProtect portal the user should not be trusting with them.
Affected packages: 3 packages (not itemized on this page)
Vulnerability Details
GHSA (5 advisories)
GHSA-rvgp-9v6m-x4g4 (2022-02-11): An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user
CVEList
GlobalProtect App: Information Exposure Vulnerability When Connecting to GlobalProtect Portal With Single Sign-On Enabled (2022-02-10)