CVE-2022-0013Insertion of Sensitive Information into Externally-Accessible File or Directory in Palo Alto Networks Cortex XDR Agent

CWE-538Insertion of Sensitive Information into Externally-Accessible File or DirectoryCWE-200Sensitive Information Exposure5 documents5 sources
Severity
5.5MEDIUMNVD
CNA5.0
EPSS
0.1%
top 83.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Palo Alto Networks Cortex XDR AgentPaloaltonetworks Cortex XDR AgentPaloalto Cortex XDR Agent
Timeline
PublishedJan 12
Latest updateApr 14

Description

A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Co

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDpaloaltonetworks/cortex_xdr_agent5.05.0.12+3
CVEListV5palo_alto_networks/cortex_xdr_agent7.27.2.4+3

🔴Vulnerability Details

2
GHSA
GHSA-wmg3-55rj-pwcx: A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbi2022-01-13
CVEList
Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File2022-01-12

📋Vendor Advisories

2
VMware
VMware Cloud Director update addresses remote code execution vulnerability (CVE-2022-22966)2022-04-14
Palo Alto
Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File2022-01-12
CVE-2022-0013 — Palo vulnerability | cvebase