CVE Tools
Sign in

CVE-2020-2033

GlobalProtect App: Missing certificate validation vulnerability can disclose pre-logon authentication cookie

Published: Jun 10, 2020Updated: Nov 21, 2024 Sources: CVE List NVD BDUCWE-290
NVD MITRE
5.3CVSSMEDIUM
EPSS Score
0.8%
Top 49.5%
CISA KEV
Not in KEV
Exploits
No Known Exploits
Remediation
Patch Available

Description

When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability to manipulate ARP or to conduct ARP spoofing attacks. This allows the attacker to access the GlobalProtect Server as allowed by configured Security rules for the 'pre-login' user. This access may be limited compared to the network access of regular users. This issue affects: GlobalProtect app 5.0 versions earlier than GlobalProtect app 5.0.10 when the prelogon feature is enabled; GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.4 when the prelogon feature is enabled.

CVSS Vector Breakdown

AV:AAC:HPR:NUI:NS:UC:HI:NA:N
Exploitability
AV:AAttack Vector
Adjacent
AC:HAttack Complexity
High
PR:NPrivileges Required
None
UI:NUser Interaction
None
Scope
S:UScope
Unchanged
Impact
C:HConfidentiality
High
I:NIntegrity
None
A:NAvailability
None
Open in CVSS calculator →

Weaknesses

CWE-290CWE-295

Affected Products

GlobalProtect AppPalo Alto NetworksSecurity Products
globalprotectpaloaltonetworksSecurity Products
GlobalProtect Agent for WindowsPalo Alto Networks Inc.Security Products
palo alto networkscommercialUSSecurity Productsaka pan-os, prisma access, cloud ngfw
paloaltonetworkscommercialUSSecurity Productsaka palo alto networks, panw
palo alto networks inc.commercialUSSecurity Productsaka paloaltonetworks, pan inc.

Attack Graph

Products CVE Techniques Tactics

Click technique nodes to view MITRE ATT&CK details. Scroll to zoom, drag to pan.

Exploitability

Official Patch Available
Workaround Available

MITRE ATT&CK

2 techniques
Collection
Initial Access
View detailed technique mapping

References

https://security.paloaltonetworks.com/CVE-2020-2033
security.paloaltonetworks.com
https://security.paloaltonetworks.com/CVE-2020-2033
security.paloaltonetworks.com
https://nvd.nist.gov/vuln/detail/CVE-2020-2033
nvd.nist.gov

Timeline

Published
Jun 10, 2020
Last Updated
Nov 21, 2024

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2020-2033 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows