CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
ACTIVE
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/SC:H/VI:N/SI:H/VA:N/SA:H/AU:N/U:Amber/R:U/V:D/RE:M
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these encrypted credentials are exposed to recipients of the application logs.
[
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:5.1:*:*:*:*:*:*:*"
],
"vendor": "paloaltonetworks",
"product": "globalprotect",
"versions": [
{
"status": "affected",
"version": "5.1",
"lessThan": "5.1.12",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:6.0.0:*:*:*:*:*:*:*"
],
"vendor": "paloaltonetworks",
"product": "globalprotect",
"versions": [
{
"status": "affected",
"version": "6.0.0",
"lessThan": "6.0.8",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:6.1.0:*:*:*:*:*:*:*"
],
"vendor": "paloaltonetworks",
"product": "globalprotect",
"versions": [
{
"status": "affected",
"version": "6.1.0",
"lessThan": "6.1.3",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:6.2.0:*:*:*:*:*:*:*"
],
"vendor": "paloaltonetworks",
"product": "globalprotect",
"versions": [
{
"status": "affected",
"version": "6.2.0",
"lessThan": "6.2.3",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
]
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
ACTIVE
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/SC:H/VI:N/SI:H/VA:N/SA:H/AU:N/U:Amber/R:U/V:D/RE:M
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total