CVE-2022-0021
Published 2022-02-10
CVE-2022-0021: An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the…
Priority P4 · 24 · medium · 5.5 (CVSS 3.1)
AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:N / A:N
EPSS: 0.22% (12.5th percentile)
An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using the Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions earlier than 5.2.9 on Windows. This issue does not affect the GlobalProtect app on other platforms.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | globalprotect_app | >= 5.2 < 5.2.9 | 5.2.9 |
| paloalto | globalprotect_app | — | — |
| paloaltonetworks | globalprotect | >= 5.2 < 5.2.9 | 5.2.9 |
CVSS provenance
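| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 1.9 | LOW | AV:L/AC:M/Au:N/C:P/I:N/A:N |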
Palo Alto
GlobalProtect App: Information Exposure Vulnerability When Using Connect Before Logon
vendor_paloalto · 2022-02-09 · CVSS 5.5
CVE-2022-0021 [MEDIUM] CWE-532 GlobalProtect App: Information Exposure Vulnerability When Using Connect Before Logon
An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using the Connect Before Logon feature.
Affected products: GlobalProtect App
Solution: This issue is fixed in GlobalProtect app 5.2.9 on Windows and all later GlobalProtect app versions.
Workaround: There are no known workarounds for this issue.
GHSA
GHSA-c8q6-g23p-58gh: An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentia
ghsa_unreviewed · 2022-02-11
CVE-2022-0021 [MEDIUM] CWE-532 GHSA-c8q6-g23p-58gh
An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using the Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions earlier than 5.2.9 on Windows. This issue does not affect the GlobalProtect app on other platforms.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.