CVE-2023-3282
published 2023-11-08CVE-2023-3282: A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local…
PriorityP429medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
EPSS
0.17%
7.1th percentile
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | cortex_xsoar | >= 6.10 < 6.10.0.250144 | 6.10.0.250144 |
| paloalto | cortex_xsoar | — | — |
| paloaltonetworks | cortex_xsoar | < 6.10.0 | 6.10.0 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-583v-xw8h-qw2h: A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a l
ghsa_unreviewed·2023-11-08
CVE-2023-3282 [MEDIUM] CWE-732 GHSA-583v-xw8h-qw2h: A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a l
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine.
Palo Alto
Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
vendor_paloalto·2023-11-08·CVSS 6.7
CVE-2023-3282 [MEDIUM] CWE-732 Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine.
Affected products: Cortex XSOAR
Solution: This issue is fixed in deployed Cortex XSOAR engines when an updated engine installer is created and used to upgrade the engine from Cortex XSOAR 6.10 build B250144 and all later builds of Cortex XSOAR.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-11-08
Published