CVE-2019-1573

🗓️ 09 Apr 2019 21:04:01Reported by palo_altoType

GlobalProtect Agent vulnerability allows local authenticated attacker to access authentication and/or session token

Reporter	Title	Published	Views	Family All 17
BDU FSTEC	The vulnerability of the GlobalProtect Agent VPN application, related to authentication procedures that are insufficient, allows a hacker to forge a VPN session and gain access under the user’s identity.	24 May 201900:00	–	bdu_fstec
Broadcom	BSA-2019-783	16 Apr 201900:00	–	broadcom
Cvelist	CVE-2019-1573 Information Disclosure in GlobalProtect Agent	9 Apr 201921:04	–	cvelist
EUVD	EUVD-2019-10130	7 Oct 202500:30	–	euvd
NVD	CVE-2019-1573	9 Apr 201922:29	–	nvd
OSV	CVE-2019-1573	9 Apr 201922:29	–	osv
Palo Alto Networks	Information Disclosure in GlobalProtect App	9 Apr 201917:45	–	paloalto
Palo Alto Networks	Information Disclosure in GlobalProtect App	9 Apr 201917:45	–	paloalto
Tenable Nessus	Palo Alto GlobalProtect Agent <= 4.1.0 Information Disclosure (Windows)	9 Jul 202000:00	–	nessus
Tenable Nessus	Palo Alto GlobalProtect Agent <= 4.1.10 Information Disclosure (MacOS)	9 Jul 202000:00	–	nessus

NVD

Vulners

Node

paloaltonetworks globalprotectRange≤4.1.0windows

paloaltonetworks globalprotectRange≤4.1.10macos

[
  {
    "platforms": [
      "Windows"
    ],
    "product": "GlobalProtect Agent",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "changes": [
          {
            "at": "4.1.1",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.1.0",
        "status": "affected",
        "version": "4.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "OS X"
    ],
    "product": "GlobalProtect Agent",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "lessThan": "4.1*",
        "status": "unaffected",
        "version": "4.1.11",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
psirt	www.psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0005
security	www.security.paloaltonetworks.com/CVE-2019-1573
kb	www.kb.cert.org/vuls/id/192371
securityfocus	www.securityfocus.com/bid/107868
broadcom	www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-783

17 Jun 2026 02:28Current

3.9Low risk

Vulners AI Score3.9

CVSS 21.9

CVSS 3.12.5

EPSS0.00275