CVE-2021-3044Improper Authorization in Palo Alto Networks Cortex Xsoar

CWE-285Improper AuthorizationCWE-863Incorrect Authorization4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
0.4%
top 42.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Palo Alto Networks Cortex XsoarPaloaltonetworks Cortex XsoarPaloalto Cortex Xsoar
Timeline
PublishedJun 22
Latest updateMay 24

Description

An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. This issue impacts: Cortex XSOAR 6.1.0 builds later than 1016923 and earlier than 1271064; Cortex XSOAR 6.2.0 builds earlier than 1271065. This issue does not impact Cortex XSOAR 5.5.0, Cortex XSOAR 6.0.0, Cortex XSOAR 6.0.1, or Cortex XSOAR 6.0.2 versions. All Cortex XSOAR instanc

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

CVEListV5palo_alto_networks/cortex_xsoar10169236.1.0*+1
NVDpaloaltonetworks/cortex_xsoar6.1.0, 6.2.0+1

🔴Vulnerability Details

2
GHSA
GHSA-266x-3x8x-xj7x: An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex2022-05-24
CVEList
Cortex XSOAR: Unauthorized Usage of the REST API2021-06-22

📋Vendor Advisories

1
Palo Alto
Cortex XSOAR: Unauthorized Usage of the REST API2021-06-22
CVE-2021-3044 — Improper Authorization in Palo | cvebase