What is CVE-2019-1573?

CVE-2019-1573 is a low-severity vulnerability in Palo Alto Networks Globalprotect Agent, classified under Sensitive Information in Resource Not Removed Before Reuse. CVSS score: 2.5/10. Published 2019-04-09.

How severe is CVE-2019-1573?

Low severity. CVSS v3 base score is 2.5 out of 10.

Vulnerability in Palo Alto Networks Globalprotect Agent

CVE-2019-1573

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication…

EPSS: 0.002 (45.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.5 (Low). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Palo Alto Networks Globalprotect Agent — versions 4.1.11, 4.1

Weakness classification (CWE)

CWE-226 — Sensitive Information in Resource Not Removed Before Reuse

References

VU#192371 (third-party-advisory, x_refsource_CERT-VN)
107868 (vdb-entry, x_refsource_BID)
psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0005 (x_refsource_CONFIRM)
www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-s… (x_refsource_CONFIRM)
security.paloaltonetworks.com/CVE-2019-1573 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2019-1573?: CVE-2019-1573 is a low-severity vulnerability in Palo Alto Networks Globalprotect Agent, classified under Sensitive Information in Resource Not Removed Before Reuse. CVSS score: 2.5/10. Published 2019-04-09.
How severe is CVE-2019-1573?: Low severity. CVSS v3 base score is 2.5 out of 10.