CVE-2022-0021

GlobalProtect App: Information Exposure Vulnerability When Using Connect Before Logon

CVSS 3.3 LOWEPSS 0.2%CWE-532

Vexday Risk Score

8Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 3.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

10 Feb 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions earlier than 5.2.9 on Windows. This issue does not affect the GlobalProtect app on other platforms.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Palo Alto Networks · GlobalProtect App

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://security.paloaltonetworks.com/CVE-2022-0021