CVE-2020-1987 - OpenCVE

An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". This issue affects Palo Alto Networks Global Protect Agent 5.0 versions prior to 5.0.9; 5.1 versions prior to 5.1.1.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Paloaltonetworks	Globalprotect

Configuration 1 [-]

OR	cpe:2.3:a:paloaltonetworks:globalprotect::::::::
	cpe:2.3:a:paloaltonetworks:globalprotect::::::::

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2020-1987	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: palo_alto

Published: 2020-04-08T00:00:00

Updated: 2020-04-08T18:41:58

Reserved: 2019-12-04T00:00:00

Link: CVE-2020-1987

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-04-08T19:15:13.837

Modified: 2021-09-14T13:39:14.733

Link: CVE-2020-1987

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Global Protect Agent", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "5.0.9", "status": "unaffected"}], "lessThan": "5.0.9", "status": "affected", "version": "5.0", "versionType": "custom"}, {"changes": [{"at": "5.1.1", "status": "unaffected"}], "lessThan": "5.1.1", "status": "affected", "version": "5.1", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Palo Alto Networks thanks Ahmet Hrnjadovic for discovering and reporting this issue."}], "datePublic": "2020-04-08T00:00:00", "descriptions": [{"lang": "en", "value": "An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to \"Dump\". This issue affects Palo Alto Networks Global Protect Agent 5.0 versions prior to 5.0.9; 5.1 versions prior to 5.1.1."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.9, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Information Exposure", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-04-08T18:41:58", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.paloaltonetworks.com/CVE-2020-1987"}], "solutions": [{"lang": "en", "value": "This issue is fixed in Global Protect Agent 5.0.9, Global Protect Agent 5.1.1 and all later versions."}], "source": {"defect": ["GPC-9393"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2020-04-08T00:00:00", "value": "Initial publication"}], "title": "Global Protect Agent: VPN cookie local information disclosure", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2020-04-08T16:00:00.000Z", "ID": "CVE-2020-1987", "STATE": "PUBLIC", "TITLE": "Global Protect Agent: VPN cookie local information disclosure"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Global Protect Agent", "version": {"version_data": [{"version_affected": "<", "version_name": "5.0", "version_value": "5.0.9"}, {"version_affected": "<", "version_name": "5.1", "version_value": "5.1.1"}, {"version_affected": "!>=", "version_name": "5.0", "version_value": "5.0.9"}, {"version_affected": "!>=", "version_name": "5.1", "version_value": "5.1.1"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "credit": [{"lang": "eng", "value": "Palo Alto Networks thanks Ahmet Hrnjadovic for discovering and reporting this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to \"Dump\". This issue affects Palo Alto Networks Global Protect Agent 5.0 versions prior to 5.0.9; 5.1 versions prior to 5.1.1."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.9, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200 Information Exposure"}]}]}, "references": {"reference_data": [{"name": "https://security.paloaltonetworks.com/CVE-2020-1987", "refsource": "MISC", "url": "https://security.paloaltonetworks.com/CVE-2020-1987"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in Global Protect Agent 5.0.9, Global Protect Agent 5.1.1 and all later versions."}], "source": {"defect": ["GPC-9393"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2020-04-08T00:00:00", "value": "Initial publication"}]}}}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2020-1987", "datePublished": "2020-04-08T00:00:00", "dateReserved": "2019-12-04T00:00:00", "dateUpdated": "2020-04-08T18:41:58", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C63FA07-3534-433F-B7F4-AE94CC03D916", "versionEndExcluding": "5.0.9", "versionStartIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C8B2577-975B-4603-8AC8-26D632948202", "versionEndExcluding": "5.1.1", "versionStartIncluding": "5.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to \"Dump\". This issue affects Palo Alto Networks Global Protect Agent 5.0 versions prior to 5.0.9; 5.1 versions prior to 5.1.1."}, {"lang": "es", "value": "Una vulnerabilidad de exposici\u00f3n de informaci\u00f3n en el componente logging del Global Protect Agent de Palo Alto Networks, permite a un usuario autenticado local leer informaci\u00f3n de la cookie VPN cuando el nivel de registro de soluci\u00f3n de problemas se establece en \"Dump\". Este problema afecta a Palo Alto Networks versiones 5.0 anteriores a 5.0.9; 5.1 versiones anteriores a 5.1.1."}], "id": "CVE-2020-1987", "lastModified": "2021-09-14T13:39:14.733", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.9, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 2.5, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2020-04-08T19:15:13.837", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2020-1987"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}