cbcvebase.
CVE-2023-0003
published 2023-02-08

CVE-2023-0003: A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read…

PriorityP335medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
1.16%
63.2th percentile
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.

Affected

12 ranges
VendorProductVersion rangeFixed in
fedoraprojectfedora
fedoraprojectfedora
fedoraprojectfedora
palo_alto_networkscortex_xsoar>= 6.10.0.0 < 6.10.0.1859646.10.0.185964
palo_alto_networkscortex_xsoar>= 6.6 < 6.6.B1861156.6.B186115
palo_alto_networkscortex_xsoar>= 6.8 < 6.8.B1857196.8.B185719
palo_alto_networkscortex_xsoar>= 6.9 < 6.9.B1854156.9.B185415
paloaltocortex_xsoar
paloaltonetworkscortex_xsoar
paloaltonetworkscortex_xsoar
paloaltonetworkscortex_xsoar
paloaltonetworkscortex_xsoar>= 6.10.0 < 6.10.0.1859646.10.0.185964
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.