CVE-2020-1987: 
Palo Alto Networks GlobalProtect Agent vulnerability analysis and mitigation

An information exposure vulnerability was discovered in the logging component of Palo Alto Networks GlobalProtect App, identified as CVE-2020-1987. The vulnerability was disclosed on April 8, 2020, affecting GlobalProtect App versions 5.0 (prior to 5.0.9) and 5.1 (prior to 5.1.1). This security flaw allows local authenticated users to access VPN cookie information when the troubleshooting logging level is set to "Dump" (Palo Alto Networks).

The vulnerability is classified with a CVSSv3.1 Base Score of 2.8 (LOW severity) with the following characteristics: Local attack vector, low attack complexity, low privileges required, user interaction required, unchanged scope, low confidentiality impact, and no impact on integrity or availability. The weakness is categorized as CWE-215 (Information Exposure Through Debug Information) (Palo Alto Networks).

The primary impact of this vulnerability is the potential exposure of VPN cookie information to local authenticated users. While the severity is rated as low, the exposure of such information could potentially be used in further attacks or unauthorized access attempts (Palo Alto Networks).

Palo Alto Networks has addressed this vulnerability by releasing fixed versions: GlobalProtect App 5.0.9 and GlobalProtect App 5.1.1. Users are advised to upgrade to these or later versions to mitigate the vulnerability (Palo Alto Networks).