Vulnerabilities > Paloaltonetworks > Globalprotect > 5.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-13 | CVE-2020-2004 | Information Exposure Through Log Files vulnerability in Paloaltonetworks Globalprotect Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. | 5.5 |
| 2020-04-08 | CVE-2020-1989 | Improper Privilege Management vulnerability in Paloaltonetworks Globalprotect An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. | 7.8 |
| 2020-04-08 | CVE-2020-1987 | Information Exposure Through Log Files vulnerability in Paloaltonetworks Globalprotect An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". | 3.3 |
| 2020-02-12 | CVE-2020-1976 | Improper Input Validation vulnerability in Paloaltonetworks Globalprotect A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. | 5.5 |
| 2019-10-16 | CVE-2019-17436 | Unspecified vulnerability in Paloaltonetworks Globalprotect A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite root files on the file system. | 7.1 |