CVE-2023-0003 — External Control of File Name or Path in Palo Alto Networks Cortex Xsoar

CWE-73 — External Control of File Name or Path CWE-610 — Externally Controlled Reference to a Resource in Another Sphere5 documents5 sources

Severity

6.5MEDIUMNVD

EPSS

1.4%

top 19.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Cortex Xsoar Paloaltonetworks Cortex Xsoar Fedoraproject Fedora +1 more

Timeline

PublishedFeb 8

Description

A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶NVDpaloaltonetworks/cortex_xsoar6.10.0 — 6.10.0.185964+3

▶CVEListV5palo_alto_networks/cortex_xsoar6.10.0.0 — 6.10.0.185964+3

▶Palo Altopaloalto/cortex_xsoar

Also affects: Fedora 37, 38, 39

🔴Vulnerability Details

CVEList

Cortex XSOAR: Local File Disclosure Vulnerability in the Cortex XSOAR Server↗2023-02-08

▶

GHSA

GHSA-rfc4-38hf-4pmp: A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface↗2023-02-08

▶

📋Vendor Advisories

Palo Alto

Cortex XSOAR: Local File Disclosure Vulnerability in the Cortex XSOAR Server↗2023-02-08

▶

VMware

VMware Workstation update addresses an arbitrary file deletion vulnerability (CVE-2023-20854)↗2023-02-02

▶