The host is installed with GlobalProtect Agent version 4.1.0 and is prone to a local information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the session tokens. Successful exploitation could allow attackers to obtain sensitive information that may aid in launching further attacks.