CVE-2020-1989
7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. This issue affects Palo Alto Networks Global Protect Agent for Linux 5.0 versions before 5.0.8; 5.1 versions before 5.1.1.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Palo Alto Networks | Global Protect Agent | 5.0 < 5.0.8 | affected |
| Palo Alto Networks | Global Protect Agent | 5.1 < 5.1.1 | affected |
Weaknesses
- CWE-266: CWE-266 Incorrect Privilege Assignment
Workarounds
There are no viable workarounds for this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.