CVE-2019-1573 - OpenCVE

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Paloaltonetworks	Globalprotect

Configuration 1 [-]

OR	cpe:2.3:a:paloaltonetworks:globalprotect::::::windows::*
	cpe:2.3:a:paloaltonetworks:globalprotect::::::macos::*

References

Link	Resource
http://www.securityfocus.com/bid/107868	Third Party Advisory VDB Entry
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0005	Third Party Advisory
https://security.paloaltonetworks.com/CVE-2019-1573	Vendor Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-783	Third Party Advisory
https://www.kb.cert.org/vuls/id/192371	Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: palo_alto

Published: 2019-04-09T00:00:00

Updated: 2020-04-09T13:29:41

Reserved: 2018-12-06T00:00:00

Link: CVE-2019-1573

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-04-09T22:29:00.877

Modified: 2021-09-14T12:14:39.193

Link: CVE-2019-1573

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"platforms": ["Windows"], "product": "GlobalProtect Agent", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "4.1.1", "status": "unaffected"}], "lessThanOrEqual": "4.1.0", "status": "affected", "version": "4.1", "versionType": "custom"}]}, {"platforms": ["OS X"], "product": "GlobalProtect Agent", "vendor": "Palo Alto Networks", "versions": [{"lessThan": "4.1*", "status": "unaffected", "version": "4.1.11", "versionType": "custom"}]}], "datePublic": "2019-04-09T00:00:00", "descriptions": [{"lang": "en", "value": "GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-226", "description": "CWE-226 Sensitive Information Uncleared Before Release", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-04-09T13:29:41", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"name": "VU#192371", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "https://www.kb.cert.org/vuls/id/192371"}, {"name": "107868", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/107868"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0005"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-783"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.paloaltonetworks.com/CVE-2019-1573"}], "solutions": [{"lang": "en", "value": "This issue is fixed in GlobalProtect Agent 4.1.1 and later for Windows, and GlobalProtect Agent 4.1.11 and later for macOS."}], "source": {"discovery": "EXTERNAL"}, "title": "Information Disclosure in GlobalProtect Agent", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2019-04-09T17:45:00.000Z", "ID": "CVE-2019-1573", "STATE": "PUBLIC", "TITLE": "Information Disclosure in GlobalProtect Agent"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "GlobalProtect Agent", "version": {"version_data": [{"platform": "Windows", "version_affected": "<=", "version_name": "4.1", "version_value": "4.1.0"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "4.1", "version_value": "4.1.1"}, {"platform": "OS X", "version_affected": "!>=", "version_name": "4.1", "version_value": "4.1.11"}, {"platform": "OS X", "version_affected": "<=", "version_name": "4.1", "version_value": "4.1.10 +1"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-226 Sensitive Information Uncleared Before Release"}]}]}, "references": {"reference_data": [{"name": "VU#192371", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/192371"}, {"name": "107868", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107868"}, {"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0005", "refsource": "CONFIRM", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0005"}, {"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-783", "refsource": "CONFIRM", "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-783"}, {"name": "https://security.paloaltonetworks.com/CVE-2019-1573", "refsource": "CONFIRM", "url": "https://security.paloaltonetworks.com/CVE-2019-1573"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in GlobalProtect Agent 4.1.1 and later for Windows, and GlobalProtect Agent 4.1.11 and later for macOS."}], "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2019-1573", "datePublished": "2019-04-09T00:00:00", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2020-04-09T13:29:41", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "matchCriteriaId": "A38DA3B1-2CCD-4320-B802-BFF1B24994C4", "versionEndIncluding": "4.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*", "matchCriteriaId": "4E5BE83D-C94B-4382-8673-697896208A77", "versionEndIncluding": "4.1.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user."}, {"lang": "es", "value": "GlobalProtect Agent versi\u00f3n 4.1.0 para Windows y GlobalProtect Agent versi\u00f3n 4.1.10 y anteriores para macOS pueden permitir un atacante autenticado local que haya comprometido la cuenta del usuario final y haya obtenido la capacidad de inspeccionar la memoria, para acceder a los tokens de autenticaci\u00f3n y/o sesi\u00f3n y los reproduzca para falsificar la sesi\u00f3n VPN y conseguir acceso como usuario."}], "id": "CVE-2019-1573", "lastModified": "2021-09-14T12:14:39.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 1.4, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2019-04-09T22:29:00.877", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/107868"}, {"source": "psirt@paloaltonetworks.com", "tags": ["Third Party Advisory"], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0005"}, {"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2019-1573"}, {"source": "psirt@paloaltonetworks.com", "tags": ["Third Party Advisory"], "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-783"}, {"source": "psirt@paloaltonetworks.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.kb.cert.org/vuls/id/192371"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-311"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-226"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}