CVE-2022-0031 — Insufficient Verification of Data Authenticity in Palo Alto Networks Cortex Xsoar

CWE-345 — Insufficient Verification of Data Authenticity5 documents5 sources

Severity

6.7MEDIUMNVD

EPSS

0.0%

top 93.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Cortex Xsoar Paloaltonetworks Cortex Xsoar Paloalto Cortex Xsoar

Timeline

PublishedNov 9

Latest updateDec 13

Description

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5palo_alto_networks/cortex_xsoar6.9.0.0 — 6.9.0.130766+3

▶NVDpaloaltonetworks/cortex_xsoar6.5.0, 6.6.0, 6.8.0+2

▶Palo Altopaloalto/cortex_xsoar

🔴Vulnerability Details

CVEList

Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine↗2022-11-09

▶

GHSA

GHSA-6hqr-4vm3-hg2q: A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a lo↗2022-11-09

▶

📋Vendor Advisories

VMware

VMware vRealize Network Insight (vRNI) updates address command injection and directory traversal security vulnerabilities (CVE-2022-31702, CVE-2022-31703)↗2022-12-13

▶

Palo Alto

Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine↗2022-11-09

▶