Global Protect Agent

5.1.1

SEMANTIC 2 CVEs

5.1

MAJOR_MINOR 2 CVEs

4.1.13

SEMANTIC 1 CVE

5.0.8

SEMANTIC 1 CVE

5.0.9

SEMANTIC 1 CVE

4.1

MAJOR_MINOR 1 CVE

5.0

MAJOR_MINOR 3 CVEs

5.0.5

SEMANTIC 1 CVE

CVE-2020-1989

An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. This issue affects Palo Alto Networks Global Protect Agent for Linux 5.0 versions before 5.0.8; 5.1 versions before 5.1.1.

HIGH Apr 08, 2020

CVE-2020-1988

An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program Files directory to gain system privileges. This issue affects Palo Alto Networks GlobalProtect Agent 5.0 versions before 5.0.5; 4.1 versions before 4.1.13 on Windows;

MEDIUM Apr 08, 2020

CVE-2020-1987

An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". This issue affects Palo Alto Networks Global Protect Agent 5.0 versions prior to 5.0.9; 5.1 versions prior to 5.1.1.

LOW Apr 08, 2020