fkie_nvd - fkie_cve-2022-0019

FKIE_CVE-2022-0019

Vulnerability from fkie_nvd - Published: 2022-02-10 18:15 - Updated: 2024-11-21 06:37

Severity ?

4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user’s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms.

References

	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2022-0019	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://security.paloaltonetworks.com/CVE-2022-0019	Vendor Advisory

Impacted products

Vendor	Product	Version
paloaltonetworks	globalprotect	*
paloaltonetworks	globalprotect	*
paloaltonetworks	globalprotect	*
linux	linux_kernel	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E84FC1F6-58F6-4C67-A8E9-93233865C080",
              "versionEndExcluding": "5.1.10",
              "versionStartIncluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4FEBC14-2794-48FB-B210-5E720254E7B8",
              "versionEndIncluding": "5.2.7",
              "versionStartIncluding": "5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3170EC23-3410-43B0-8D72-48297059954A",
              "versionEndExcluding": "5.3.2",
              "versionStartIncluding": "5.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user\u2019s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de credenciales insuficientemente protegidas en GlobalProtect app de Palo Alto Networks en Linux que expone las credenciales con hash de los usuarios de GlobalProtect que guardaron su contrase\u00f1a durante sesiones anteriores de GlobalProtect app a otros usuarios locales del sistema. Las credenciales expuestas permiten a un atacante local autenticarse en el portal o la puerta de enlace de GlobalProtect como el usuario de destino sin conocer la contrase\u00f1a en texto plano del usuario de destino. Este problema afecta: GlobalProtect app 5.1 versiones anteriores a GlobalProtect app 5.1.10 en Linux. GlobalProtect app versiones 5.2 anteriores a GlobalProtect app 5.2.7 en Linux. GlobalProtect app versiones 5.3 anteriores a GlobalProtect app 5.3.2 en Linux. Este problema no afecta a GlobalProtect app en otras plataformas"
    }
  ],
  "id": "CVE-2022-0019",
  "lastModified": "2024-11-21T06:37:49.870",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 3.6,
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-02-10T18:15:08.687",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/CVE-2022-0019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/CVE-2022-0019"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2022-0019 (GCVE-0-2022-0019)

Vulnerability from cvelistv5 – Published: 2022-02-10 18:10 – Updated: 2024-09-16 20:06

Summary

Severity ?

4.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-522 - Insufficiently Protected Credentials

Assigner

palo_alto

References

URL

Tags

https://security.paloaltonetworks.com/CVE-2022-0019

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Palo Alto Networks	GlobalProtect App	Affected: 5.3 , < 5.3.2 (custom) Affected: 5.2 , ≤ 5.2.7 (custom) Affected: 5.1 , < 5.1.10 (custom)

Credits

Palo Alto Networks thanks Josh Wisely and Praveen Bomma of Splunk for discovering and reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2022-0019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Linux"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.3.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "5.3.2",
              "status": "affected",
              "version": "5.3",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.2.7",
              "status": "affected",
              "version": "5.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "5.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "5.1.10",
              "status": "affected",
              "version": "5.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to GlobalProtect app users that save their user credentials for use when authenticating to a GlobalProtect portal."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Josh Wisely and Praveen Bomma of Splunk for discovering and reporting this issue."
        }
      ],
      "datePublic": "2022-02-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user\u2019s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-522",
              "description": "CWE-522 Insufficiently Protected Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-10T18:10:21",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2022-0019"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in GlobalProtect app 5.1.10 on Linux, GlobalProtect app 5.3.2 on Linux, and all later GlobalProtect app versions.\n\nExisting credentials files that are exposed by this issue will be secured when the fixed GlobalProtect app is launched."
        }
      ],
      "source": {
        "defect": [
          "GPC-13843"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2022-02-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "GlobalProtect App: Insufficiently Protected Credentials Vulnerability on Linux",
      "workarounds": [
        {
          "lang": "en",
          "value": "Users should not save their credentials until the GlobalProtect app is upgraded to a fixed version.\n\nGlobalProtect portal administrators can prevent GlobalProtect app users from saving their credentials on the next connection to the GlobalProtect portal by preventing \u2018Save User Credentials\u2019 from the portal agent configuration as described here:\n\nhttps://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/globalprotect-apps/deploy-app-settings-transparently/customizable-app-settings/user-behavior-options.html"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2022-02-09T17:00:00.000Z",
          "ID": "CVE-2022-0019",
          "STATE": "PUBLIC",
          "TITLE": "GlobalProtect App: Insufficiently Protected Credentials Vulnerability on Linux"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "GlobalProtect App",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Linux",
                            "version_affected": "\u003c",
                            "version_name": "5.3",
                            "version_value": "5.3.2"
                          },
                          {
                            "platform": "Linux",
                            "version_affected": "\u003c=",
                            "version_name": "5.2",
                            "version_value": "5.2.7"
                          },
                          {
                            "platform": "Linux",
                            "version_affected": "!\u003e=",
                            "version_name": "5.3",
                            "version_value": "5.3.2"
                          },
                          {
                            "platform": "Linux",
                            "version_affected": "\u003c",
                            "version_name": "5.1",
                            "version_value": "5.1.10"
                          },
                          {
                            "platform": "Linux",
                            "version_affected": "!\u003e=",
                            "version_name": "5.1",
                            "version_value": "5.1.10"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to GlobalProtect app users that save their user credentials for use when authenticating to a GlobalProtect portal."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Josh Wisely and Praveen Bomma of Splunk for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user\u2019s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-522 Insufficiently Protected Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2022-0019",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2022-0019"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in GlobalProtect app 5.1.10 on Linux, GlobalProtect app 5.3.2 on Linux, and all later GlobalProtect app versions.\n\nExisting credentials files that are exposed by this issue will be secured when the fixed GlobalProtect app is launched."
          }
        ],
        "source": {
          "defect": [
            "GPC-13843"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-02-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Users should not save their credentials until the GlobalProtect app is upgraded to a fixed version.\n\nGlobalProtect portal administrators can prevent GlobalProtect app users from saving their credentials on the next connection to the GlobalProtect portal by preventing \u2018Save User Credentials\u2019 from the portal agent configuration as described here:\n\nhttps://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/globalprotect-apps/deploy-app-settings-transparently/customizable-app-settings/user-behavior-options.html"
          }
        ],
        "x_advisoryEoL": true,
        "x_affectedList": [
          "GlobalProtect App 5.3.1",
          "GlobalProtect App 5.3.0",
          "GlobalProtect App 5.3",
          "GlobalProtect App 5.2.7",
          "GlobalProtect App 5.2.6",
          "GlobalProtect App 5.2.5",
          "GlobalProtect App 5.2.4",
          "GlobalProtect App 5.2.3",
          "GlobalProtect App 5.2.2",
          "GlobalProtect App 5.2.1",
          "GlobalProtect App 5.2.0",
          "GlobalProtect App 5.2",
          "GlobalProtect App 5.1.9",
          "GlobalProtect App 5.1.8",
          "GlobalProtect App 5.1.7",
          "GlobalProtect App 5.1.6",
          "GlobalProtect App 5.1.5",
          "GlobalProtect App 5.1.4",
          "GlobalProtect App 5.1.3",
          "GlobalProtect App 5.1.1",
          "GlobalProtect App 5.1.0",
          "GlobalProtect App 5.1"
        ],
        "x_likelyAffectedList": [
          "GlobalProtect App 5.0.10",
          "GlobalProtect App 5.0.9",
          "GlobalProtect App 5.0.8",
          "GlobalProtect App 5.0.7",
          "GlobalProtect App 5.0.6",
          "GlobalProtect App 5.0.5",
          "GlobalProtect App 5.0.4",
          "GlobalProtect App 5.0.3",
          "GlobalProtect App 5.0.2",
          "GlobalProtect App 5.0.1",
          "GlobalProtect App 5.0.0",
          "GlobalProtect App 5.0",
          "GlobalProtect App 4.1.13",
          "GlobalProtect App 4.1.12",
          "GlobalProtect App 4.1.11",
          "GlobalProtect App 4.1.10",
          "GlobalProtect App 4.1.9",
          "GlobalProtect App 4.1.8",
          "GlobalProtect App 4.1.7",
          "GlobalProtect App 4.1.6",
          "GlobalProtect App 4.1.5",
          "GlobalProtect App 4.1.4",
          "GlobalProtect App 4.1.3",
          "GlobalProtect App 4.1.2",
          "GlobalProtect App 4.1.1",
          "GlobalProtect App 4.1.0",
          "GlobalProtect App 4.1",
          "GlobalProtect App 4.0.8",
          "GlobalProtect App 4.0.7",
          "GlobalProtect App 4.0.6",
          "GlobalProtect App 4.0.5",
          "GlobalProtect App 4.0.4",
          "GlobalProtect App 4.0.3",
          "GlobalProtect App 4.0.2",
          "GlobalProtect App 4.0.0",
          "GlobalProtect App 4.0",
          "GlobalProtect App 3.1.6",
          "GlobalProtect App 3.1.5",
          "GlobalProtect App 3.1.4",
          "GlobalProtect App 3.1.3",
          "GlobalProtect App 3.1.1",
          "GlobalProtect App 3.1.0",
          "GlobalProtect App 3.1",
          "GlobalProtect App 3.0.3",
          "GlobalProtect App 3.0.2",
          "GlobalProtect App 3.0.1",
          "GlobalProtect App 3.0.0",
          "GlobalProtect App 3.0",
          "GlobalProtect App 2.3.5",
          "GlobalProtect App 2.3.4",
          "GlobalProtect App 2.3.3",
          "GlobalProtect App 2.3.2",
          "GlobalProtect App 2.3.1",
          "GlobalProtect App 2.3.0",
          "GlobalProtect App 2.3",
          "GlobalProtect App 2.2.2",
          "GlobalProtect App 2.2.1",
          "GlobalProtect App 2.2.0",
          "GlobalProtect App 2.2",
          "GlobalProtect App 2.1.4",
          "GlobalProtect App 2.1.3",
          "GlobalProtect App 2.1.2",
          "GlobalProtect App 2.1.1",
          "GlobalProtect App 2.1.0",
          "GlobalProtect App 2.1",
          "GlobalProtect App 2.0.5",
          "GlobalProtect App 2.0.4",
          "GlobalProtect App 2.0.3",
          "GlobalProtect App 2.0.2",
          "GlobalProtect App 2.0.1",
          "GlobalProtect App 2.0.0",
          "GlobalProtect App 2.0",
          "GlobalProtect App 1.2.11",
          "GlobalProtect App 1.2.10",
          "GlobalProtect App 1.2.9",
          "GlobalProtect App 1.2.8",
          "GlobalProtect App 1.2.7",
          "GlobalProtect App 1.2.6",
          "GlobalProtect App 1.2.5",
          "GlobalProtect App 1.2.4",
          "GlobalProtect App 1.2.3",
          "GlobalProtect App 1.2.2",
          "GlobalProtect App 1.2.1",
          "GlobalProtect App 1.2.0",
          "GlobalProtect App 1.2",
          "GlobalProtect App 1.1.8",
          "GlobalProtect App 1.1.7",
          "GlobalProtect App 1.1.6",
          "GlobalProtect App 1.1.5",
          "GlobalProtect App 1.1.4",
          "GlobalProtect App 1.1.3",
          "GlobalProtect App 1.1.2",
          "GlobalProtect App 1.1.1",
          "GlobalProtect App 1.1.0",
          "GlobalProtect App 1.1",
          "GlobalProtect App 1.0.8",
          "GlobalProtect App 1.0.7",
          "GlobalProtect App 1.0.5",
          "GlobalProtect App 1.0.3",
          "GlobalProtect App 1.0.1",
          "GlobalProtect App 1.0"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2022-0019",
    "datePublished": "2022-02-10T18:10:21.940684Z",
    "dateReserved": "2021-12-28T00:00:00",
    "dateUpdated": "2024-09-16T20:06:53.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2022-0019

CVE-2022-0019 (GCVE-0-2022-0019)

Tags

Sightings

Nomenclature