Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2022-AVI-234
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- GlobalProtect App sur Windows et MacOS versions 5.2.x antérieures à 5.2.9
- PAN-OS versions 8.1.x antérieures à 8.1.21
- PAN-OS versions 9.0.x
- PAN-OS versions 9.1.x antérieures à 9.1.11
- PAN-OS versions 10.0.x antérieures à 10.0.7
La version 9.0 de PAN-OS n'est plus supportée par l'éditeur depuis le 1er mars 2022.
L'avis éditeur indique de changer les mots de passe de tous les utilisateurs et administrateurs locaux après la mise à niveau.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eGlobalProtect App sur Windows et MacOS versions 5.2.x ant\u00e9rieures \u00e0 5.2.9\u003c/li\u003e \u003cli\u003ePAN-OS versions 8.1.x ant\u00e9rieures \u00e0 8.1.21\u003c/li\u003e \u003cli\u003ePAN-OS versions 9.0.x\u003c/li\u003e \u003cli\u003ePAN-OS versions 9.1.x ant\u00e9rieures \u00e0 9.1.11\u003c/li\u003e \u003cli\u003ePAN-OS versions 10.0.x ant\u00e9rieures \u00e0 10.0.7\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eLa version 9.0 de PAN-OS n\u0027est plus support\u00e9e par l\u0027\u00e9diteur depuis le 1\u003csup\u003eer\u003c/sup\u003e mars 2022.\u003c/p\u003e \u003cp\u003eL\u0027avis \u00e9diteur indique de changer les mots de passe de tous les utilisateurs et administrateurs locaux apr\u00e8s la mise \u00e0 niveau.\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0022"
},
{
"name": "CVE-2022-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0016"
}
],
"initial_release_date": "2022-03-10T00:00:00",
"last_revision_date": "2022-03-14T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-234",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-10T00:00:00.000000"
},
{
"description": "Ajout de l\u0027information de changement des mots de passe",
"revision_date": "2022-03-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo\nAlto Networks. Elles permettent \u00e0 un attaquant de provoquer une atteinte\n\u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto CVE-2022-0016 du 09 mars 2022",
"url": "https://security.paloaltonetworks.com/CVE-2022-0016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto CVE-2022-0022 du 09 mars 2022",
"url": "https://security.paloaltonetworks.com/CVE-2022-0022"
}
]
}
CVE-2022-0022 (GCVE-0-2022-0022)
Vulnerability from cvelistv5
Published
2022-03-09 17:35
Modified
2024-09-16 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-916 - Use of Password Hash With Insufficient Computational Effort
Summary
Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | PAN-OS |
Version: 9.0.* Version: 9.1 < 9.1.11 Version: 8.1 < 8.1.21 Version: 10.0 < 10.0.7 |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "10.1.*"
},
{
"status": "affected",
"version": "9.0.*"
},
{
"status": "unaffected",
"version": "10.2.*"
},
{
"changes": [
{
"at": "9.1.11",
"status": "unaffected"
}
],
"lessThan": "9.1.11",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.21",
"status": "unaffected"
}
],
"lessThan": "8.1.21",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.7",
"status": "unaffected"
}
],
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "3.0 Preferred, Innovation"
},
{
"status": "unaffected",
"version": "2.2 Preferred"
},
{
"status": "unaffected",
"version": "2.1 Preferred, Innovation"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewalls and Panorama appliances running in normal (non-FIPS-CC) operational mode. PAN-OS software is not affected by this issue when running in FIPS-CC mode."
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks an external security researcher for discovering and reporting this issue."
}
],
"datePublic": "2022-03-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-916",
"description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:35:09",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0022"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.1.11, PAN-OS 10.0.7, and all later PAN-OS versions.\n\nThe passwords for all existing local user and administrator accounts must be changed after PAN-OS is upgraded to a fixed version to leverage the more secure cryptography for password hashes. You cannot update existing password hashes. All new local user and administrator accounts will use secure cryptography.\n\nPAN-OS 9.0 is end-of-life as of March 1, 2022, and is no longer covered by our Product Security Assurance policies."
}
],
"source": {
"defect": [
"PAN-127479"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-03-09T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes",
"workarounds": [
{
"lang": "en",
"value": "Ensure that any exported firewall configuration files are secured and that only trusted users have firewall management access to prevent the exposure of password hashes.\nUsing complex and secure passwords for all administrator and local user accounts makes password cracking infeasible and mitigates the impact of this issue.\n \nSwitching PAN-OS software from normal mode to FIPS-CC mode ensures that appliances use secure cryptography to store hashed credentials for all local user accounts. However, when you enable FIPS-CC mode, the appliance will reset to the factory default settings and the existing configuration is removed.\n\nDocumentation to enable FIPS-CC mode is available here:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certifications/enable-fips-and-common-criteria-support.html"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2022-03-09T17:00:00.000Z",
"ID": "CVE-2022-0022",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.11"
},
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.21"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.7"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.11"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.21"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.7"
},
{
"version_affected": "!",
"version_name": "10.1",
"version_value": "10.1.*"
},
{
"version_affected": "=",
"version_name": "9.0",
"version_value": "9.0.*"
},
{
"version_affected": "!",
"version_name": "10.2",
"version_value": "10.2.*"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "3.0",
"version_value": "Preferred, Innovation"
},
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "Preferred"
},
{
"version_affected": "!",
"version_name": "2.1",
"version_value": "Preferred, Innovation"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewalls and Panorama appliances running in normal (non-FIPS-CC) operational mode. PAN-OS software is not affected by this issue when running in FIPS-CC mode."
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks an external security researcher for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-916 Use of Password Hash With Insufficient Computational Effort"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2022-0022",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2022-0022"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.1.11, PAN-OS 10.0.7, and all later PAN-OS versions.\n\nThe passwords for all existing local user and administrator accounts must be changed after PAN-OS is upgraded to a fixed version to leverage the more secure cryptography for password hashes. You cannot update existing password hashes. All new local user and administrator accounts will use secure cryptography.\n\nPAN-OS 9.0 is end-of-life as of March 1, 2022, and is no longer covered by our Product Security Assurance policies."
}
],
"source": {
"defect": [
"PAN-127479"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-03-09T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Ensure that any exported firewall configuration files are secured and that only trusted users have firewall management access to prevent the exposure of password hashes.\nUsing complex and secure passwords for all administrator and local user accounts makes password cracking infeasible and mitigates the impact of this issue.\n \nSwitching PAN-OS software from normal mode to FIPS-CC mode ensures that appliances use secure cryptography to store hashed credentials for all local user accounts. However, when you enable FIPS-CC mode, the appliance will reset to the factory default settings and the existing configuration is removed.\n\nDocumentation to enable FIPS-CC mode is available here:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certifications/enable-fips-and-common-criteria-support.html"
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.16",
"PAN-OS 9.0.15",
"PAN-OS 9.0.14-h4",
"PAN-OS 9.0.14-h3",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.20-h1",
"PAN-OS 8.1.20",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2022-0022",
"datePublished": "2022-03-09T17:35:09.466087Z",
"dateReserved": "2021-12-28T00:00:00",
"dateUpdated": "2024-09-16T20:47:18.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0016 (GCVE-0-2022-0016)
Vulnerability from cvelistv5
Published
2022-02-10 18:10
Modified
2024-09-17 02:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Summary
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. This issue impacts GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.9 on Windows and MacOS. This issue does not affect the GlobalProtect app on other platforms.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | GlobalProtect App |
Version: 5.2 < 5.2.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows and MacOS"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "5.2.9",
"status": "unaffected"
}
],
"lessThan": "5.2.9",
"status": "affected",
"version": "5.2",
"versionType": "custom"
}
]
},
{
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "5.3.*"
},
{
"lessThan": "5.1*",
"status": "unaffected",
"version": "5.1.*",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to devices configured to use the GlobalProtect Connect Before Logon feature."
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks Adam Crosser (Praetorian), Brian Sizemore (Praetorian) and N. Sao (Genetec) for independently discovering and reporting this issue."
}
],
"datePublic": "2022-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. This issue impacts GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.9 on Windows and MacOS. This issue does not affect the GlobalProtect app on other platforms."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-10T18:10:16",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0016"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in GlobalProtect app 5.2.9 on Windows and MacOS, and all later GlobalProtect app versions."
}
],
"source": {
"defect": [
"GPC-14404",
"GPC-13685",
"GPC-14747"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-02-09T00:00:00",
"value": "Initial publication"
}
],
"title": "GlobalProtect App: Privilege Escalation Vulnerability When Using Connect Before Logon",
"workarounds": [
{
"lang": "en",
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2022-02-09T17:00:00.000Z",
"ID": "CVE-2022-0016",
"STATE": "PUBLIC",
"TITLE": "GlobalProtect App: Privilege Escalation Vulnerability When Using Connect Before Logon"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GlobalProtect App",
"version": {
"version_data": [
{
"platform": "Windows and MacOS",
"version_affected": "\u003c",
"version_name": "5.2",
"version_value": "5.2.9"
},
{
"platform": "Windows and MacOS",
"version_affected": "!\u003e=",
"version_name": "5.2",
"version_value": "5.2.9"
},
{
"version_affected": "!\u003e=",
"version_name": "5.1",
"version_value": "5.1.*"
},
{
"version_affected": "!",
"version_name": "5.3",
"version_value": "5.3.*"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to devices configured to use the GlobalProtect Connect Before Logon feature."
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks Adam Crosser (Praetorian), Brian Sizemore (Praetorian) and N. Sao (Genetec) for independently discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. This issue impacts GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.9 on Windows and MacOS. This issue does not affect the GlobalProtect app on other platforms."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-703 Improper Check or Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2022-0016",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2022-0016"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in GlobalProtect app 5.2.9 on Windows and MacOS, and all later GlobalProtect app versions."
}
],
"source": {
"defect": [
"GPC-14404",
"GPC-13685",
"GPC-14747"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-02-09T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "There are no known workarounds for this issue."
}
],
"x_advisoryEoL": true,
"x_affectedList": [
"GlobalProtect App 5.2.8",
"GlobalProtect App 5.2.7",
"GlobalProtect App 5.2.6",
"GlobalProtect App 5.2.5",
"GlobalProtect App 5.2.4",
"GlobalProtect App 5.2.3",
"GlobalProtect App 5.2.2",
"GlobalProtect App 5.2.1",
"GlobalProtect App 5.2.0",
"GlobalProtect App 5.2"
],
"x_likelyAffectedList": [
"GlobalProtect App 5.0.10",
"GlobalProtect App 5.0.9",
"GlobalProtect App 5.0.8",
"GlobalProtect App 5.0.7",
"GlobalProtect App 5.0.6",
"GlobalProtect App 5.0.5",
"GlobalProtect App 5.0.4",
"GlobalProtect App 5.0.3",
"GlobalProtect App 5.0.2",
"GlobalProtect App 5.0.1",
"GlobalProtect App 5.0.0",
"GlobalProtect App 5.0",
"GlobalProtect App 4.1.13",
"GlobalProtect App 4.1.12",
"GlobalProtect App 4.1.11",
"GlobalProtect App 4.1.10",
"GlobalProtect App 4.1.9",
"GlobalProtect App 4.1.8",
"GlobalProtect App 4.1.7",
"GlobalProtect App 4.1.6",
"GlobalProtect App 4.1.5",
"GlobalProtect App 4.1.4",
"GlobalProtect App 4.1.3",
"GlobalProtect App 4.1.2",
"GlobalProtect App 4.1.1",
"GlobalProtect App 4.1.0",
"GlobalProtect App 4.1",
"GlobalProtect App 4.0.8",
"GlobalProtect App 4.0.7",
"GlobalProtect App 4.0.6",
"GlobalProtect App 4.0.5",
"GlobalProtect App 4.0.4",
"GlobalProtect App 4.0.3",
"GlobalProtect App 4.0.2",
"GlobalProtect App 4.0.0",
"GlobalProtect App 4.0",
"GlobalProtect App 3.1.6",
"GlobalProtect App 3.1.5",
"GlobalProtect App 3.1.4",
"GlobalProtect App 3.1.3",
"GlobalProtect App 3.1.1",
"GlobalProtect App 3.1.0",
"GlobalProtect App 3.1",
"GlobalProtect App 3.0.3",
"GlobalProtect App 3.0.2",
"GlobalProtect App 3.0.1",
"GlobalProtect App 3.0.0",
"GlobalProtect App 3.0",
"GlobalProtect App 2.3.5",
"GlobalProtect App 2.3.4",
"GlobalProtect App 2.3.3",
"GlobalProtect App 2.3.2",
"GlobalProtect App 2.3.1",
"GlobalProtect App 2.3.0",
"GlobalProtect App 2.3",
"GlobalProtect App 2.2.2",
"GlobalProtect App 2.2.1",
"GlobalProtect App 2.2.0",
"GlobalProtect App 2.2",
"GlobalProtect App 2.1.4",
"GlobalProtect App 2.1.3",
"GlobalProtect App 2.1.2",
"GlobalProtect App 2.1.1",
"GlobalProtect App 2.1.0",
"GlobalProtect App 2.1",
"GlobalProtect App 2.0.5",
"GlobalProtect App 2.0.4",
"GlobalProtect App 2.0.3",
"GlobalProtect App 2.0.2",
"GlobalProtect App 2.0.1",
"GlobalProtect App 2.0.0",
"GlobalProtect App 2.0",
"GlobalProtect App 1.2.11",
"GlobalProtect App 1.2.10",
"GlobalProtect App 1.2.9",
"GlobalProtect App 1.2.8",
"GlobalProtect App 1.2.7",
"GlobalProtect App 1.2.6",
"GlobalProtect App 1.2.5",
"GlobalProtect App 1.2.4",
"GlobalProtect App 1.2.3",
"GlobalProtect App 1.2.2",
"GlobalProtect App 1.2.1",
"GlobalProtect App 1.2.0",
"GlobalProtect App 1.2",
"GlobalProtect App 1.1.8",
"GlobalProtect App 1.1.7",
"GlobalProtect App 1.1.6",
"GlobalProtect App 1.1.5",
"GlobalProtect App 1.1.4",
"GlobalProtect App 1.1.3",
"GlobalProtect App 1.1.2",
"GlobalProtect App 1.1.1",
"GlobalProtect App 1.1.0",
"GlobalProtect App 1.1",
"GlobalProtect App 1.0.8",
"GlobalProtect App 1.0.7",
"GlobalProtect App 1.0.5",
"GlobalProtect App 1.0.3",
"GlobalProtect App 1.0.1",
"GlobalProtect App 1.0"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2022-0016",
"datePublished": "2022-02-10T18:10:16.879284Z",
"dateReserved": "2021-12-28T00:00:00",
"dateUpdated": "2024-09-17T02:00:45.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…