All the vulnerabilites related to Palo Alto Networks - GlobalProtect
cve-2020-1976
Vulnerability from cvelistv5
Published
2020-02-12 22:57
Modified
2024-09-17 01:51
Severity ?
EPSS score ?
Summary
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.paloaltonetworks.com/CVE-2020-1976 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Palo Alto Networks | GlobalProtect |
Version: 5.0 < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1976"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Mac OS"
],
"product": "GlobalProtect",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "5.0.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered during a security test performed in collaboration with IOActive."
}
],
"datePublic": "2020-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-642",
"description": "CWE-642 External Control of Critical State Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-12T22:57:08",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1976"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in GlobalProtect 5.0.6, GlobalProtect 5.1.0, and all later versions."
}
],
"source": {
"defect": [
"GPC-9616"
],
"discovery": "INTERNAL"
},
"title": "GlobalProtect on MacOS: Local denial-of-service (DoS) vulnerability.",
"workarounds": [
{
"lang": "en",
"value": "n/a"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-02-12T17:00:00.000Z",
"ID": "CVE-2020-1976",
"STATE": "PUBLIC",
"TITLE": "GlobalProtect on MacOS: Local denial-of-service (DoS) vulnerability."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GlobalProtect",
"version": {
"version_data": [
{
"platform": "Mac OS",
"version_affected": "\u003c=",
"version_name": "5.0",
"version_value": "5.0.5"
},
{
"platform": "Mac OS",
"version_affected": "!\u003e=",
"version_name": "5.0",
"version_value": "5.0.6"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was discovered during a security test performed in collaboration with IOActive."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-642 External Control of Critical State Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-1976",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-1976"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in GlobalProtect 5.0.6, GlobalProtect 5.1.0, and all later versions."
}
],
"source": {
"defect": [
"GPC-9616"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "n/a"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-1976",
"datePublished": "2020-02-12T22:57:08.144091Z",
"dateReserved": "2019-12-04T00:00:00",
"dateUpdated": "2024-09-17T01:51:07.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}