Main Vulnerability Database Vulnerabilities #VU60486

Insufficiently protected credentials in GlobalProtect Agent - CVE-2022-0019

Published: February 9, 2022

Vulnerability identifier: #VU60486

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-0019

CWE-ID: CWE-522

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
GlobalProtect Agent

Software vendor:
Palo Alto Networks, Inc.

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions are accessible by other users on the system. A local user can obtain hashed credentials and recover the password.

Note, the vulnerability affects Linux clients only.

Remediation

Install updates from vendor's website.

External links

https://security.paloaltonetworks.com/CVE-2022-0019

Insufficiently protected credentials in GlobalProtect Agent - CVE-2022-0019

Description

Remediation

External links

Please verify you're human