CVE-2022-0019

{"id": "CVE-2022-0019", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.0}]}, "published": "2022-02-10T18:15:08.687", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2022-0019", "tags": ["Vendor Advisory"], "source": "psirt@paloaltonetworks.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-522"}]}, {"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-522"}]}], "descriptions": [{"lang": "en", "value": "An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user\u2019s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de credenciales insuficientemente protegidas en GlobalProtect app de Palo Alto Networks en Linux que expone las credenciales con hash de los usuarios de GlobalProtect que guardaron su contrase\u00f1a durante sesiones anteriores de GlobalProtect app a otros usuarios locales del sistema. Las credenciales expuestas permiten a un atacante local autenticarse en el portal o la puerta de enlace de GlobalProtect como el usuario de destino sin conocer la contrase\u00f1a en texto plano del usuario de destino. Este problema afecta: GlobalProtect app 5.1 versiones anteriores a GlobalProtect app 5.1.10 en Linux. GlobalProtect app versiones 5.2 anteriores a GlobalProtect app 5.2.7 en Linux. GlobalProtect app versiones 5.3 anteriores a GlobalProtect app 5.3.2 en Linux. Este problema no afecta a GlobalProtect app en otras plataformas"}], "lastModified": "2022-02-17T15:25:28.520", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E84FC1F6-58F6-4C67-A8E9-93233865C080", "versionEndExcluding": "5.1.10", "versionStartIncluding": "5.1"}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4FEBC14-2794-48FB-B210-5E720254E7B8", "versionEndIncluding": "5.2.7", "versionStartIncluding": "5.2"}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3170EC23-3410-43B0-8D72-48297059954A", "versionEndExcluding": "5.3.2", "versionStartIncluding": "5.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@paloaltonetworks.com"}