CVE-2024-5908 MEDIUM

CVE-2024-5908: GlobalProtect App: Encrypted Credential Exposure via Log Files

Vendor: Palo Alto Networks
Product: GlobalProtect App
Weakness: CWE-532 · Sensitive info in logs
Published: June 12, 2024
Last update: August 9, 2024

CVSS base score

5.5/10
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:D/RE:M/U:Amber

What the vulnerability does

01 Description

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these encrypted credentials are exposed to recipients of the application logs.

Key dates

02 Disclosure timeline

June 12, 2024: CVE published
August 9, 2024: Record updated