First published: Wed Apr 08 2020
An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". This issue affects Palo Alto Networks Global Protect Agent 5.0 versions prior to 5.0.9; 5.1 versions prior to 5.1.1.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix
---|---|---
Paloaltonetworks Globalprotect | >=5.0 <5.0.9 |
Paloaltonetworks Globalprotect | >=5.1 <5.1.1 |
This issue is fixed in Global Protect Agent 5.0.9, Global Protect Agent 5.1.1 and all later versions.
CVE-2020-1987 is an information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent that allows a local authenticated user to read VPN cookie information.
CVE-2020-1987 affects Palo Alto Networks Global Protect Agent 5.0 versions prior to 5.0.9 and 5.1 versions prior to 5.1.1.
CVE-2020-1987 has a severity score of 3.3, which is classified as low.
A local authenticated user can exploit CVE-2020-1987 by setting the troubleshooting logging level to "Dump" and reading VPN cookie information.
Yes, Palo Alto Networks has released patches to fix CVE-2020-1987. Users should update to the latest version of Palo Alto Networks Global Protect Agent.