Palo Alto Cortex XSOAR vulnerabilities

24 known vulnerabilities affecting paloalto/cortex_xsoar.

Total CVEs: 24
CISA KEV: 3 (actively exploited)
Public exploits: 6
Exploited in wild: 4
Severity breakdown: CRITICAL 7, HIGH 6, MEDIUM 11

Vulnerabilities

Page 1 of 2
CVE-2024-9470 | MEDIUM | CVSS 5.3 | 2024-10-09
CWE-497 | Cortex XSOAR: Information Disclosure Vulnerability
A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data.
Affected products: Cortex XSOAR
Solution: This issue is fixed in Cortex XSOAR 6.12.0 (Build 1271551), and all later Cortex XSOAR versions.
paloalto
CVE-2024-47076 | HIGH | CVSS 8.6 | 2024-09-26
CWE-78 | Informational: No Impact of CUPS Vulnerabilities on Palo Alto Networks Products
The Palo Alto Networks Product Security Assurance team has evaluated CVE-2024-47076, CVE-2024-47177, CVE-2024-47175, and CVE-2024-47176 in the Common UNIX Printing System (CUPS) as they relate to our products. Based on current information, Palo Alto Networks products and cloud services do not contain affecte
paloalto
CVE-2024-21626 | HIGH | CVSS 8.6 | 2024-02-22
CWE-22 | PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
The Palo Alto Networks Product Security Assurance team has evaluated the four vulnerabilities in Open Container Initiative's runc and Moby BuildKit software (collectively known as "Leaky Vessels") as it relates to our
paloalto
CVE-2023-3282 | MEDIUM | CVSS 6.7 | 2023-11-08
CWE-732 | Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine.
Affected products: Cortex XSOAR
Solution: T
paloalto
CVE-2023-34362 | CRITICAL | CVSS 9.8 | KEV | PoC | 2023-06-16
PAN-SA-2023-0003 Informational Bulletin: Impact of MOVEit Vulnerabilities (CVE-2023-34362, CVE-2023-35036, CVE-2023-35708)
The Palo Alto Networks Product Security Assurance team has evaluated the recently disclosed critical Structured Query Language injection (SQLi) vulnerabilities (CVE-2023-34362, CVE-2023-35036, CVE-2023-35708) in the MOVEit Tran
paloalto
CVE-2023-0003 | MEDIUM | CVSS 6.5 | 2023-02-08
CWE-73 | Cortex XSOAR: Local File Disclosure Vulnerability in the Cortex XSOAR Server
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.
Affected products: Cortex XSOAR
Solution: This issue is fixed in Cortex XSOAR 6.6 build B186115, Cortex XSOAR 6.8 build B18571
paloalto
CVE-2023-0286 | MEDIUM | CVSS 4.9 | 2023-02-08
PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023
The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSL vulnerabilities that were disclosed on February 7, 2023 (CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217, and CVE-2023-0401) as it relates to our products. At this time, there are no demonstrat
paloalto
CVE-2022-3996 | HIGH | CVSS 7.5 | 2022-12-23
CWE-667 | PAN-SA-2022-0007 Impact of OpenSSL 3.0 Vulnerability CVE-2022-3996
The OpenSSL Project has published a vulnerability CVE-2022-3996 that affects OpenSSL versions 3.0.0 through 3.0.7 on December 13, 2022.
CVEs: CVE-2022-3996
Affected products: Cortex Data, Cortex XDR, Cortex XSOAR, Cortex Xpanse, GlobalProtect, PAN-OS, Prisma Access, Prisma Cloud, Prisma SD
paloalto
CVE-2022-42889 | CRITICAL | CVSS 9.8 | Exploited | PoC | 2022-11-09
CWE-94 | CVE-2022-42889 Impact of Apache Text Commons Vulnerability CVE-2022-42889
Palo Alto Networks has evaluated the Apache Commons Text library vulnerability CVE-2022-42889, known as Text4Shell, for all products and services. The Palo Alto Networks Product Security Assurance team has confirmed that all products and services are not impacted by this vulnerability.
CVE Summary: CVE-2022-42889 Apac
paloalto
CVE-2022-0031 | MEDIUM | CVSS 6.7 | 2022-11-09
CWE-345 | Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges.
Affected products: Cortex XSOAR
Solution: This issue is fix
paloalto
CVE-2022-3786 | HIGH | CVSS 7.5 | 2022-10-31
PAN-SA-2022-0006 Impact of OpenSSL 3.0 Vulnerabilities CVE-2022-3786 and CVE-2022-3602
The OpenSSL Project has published two high CVEs: CVE-2022-3602, CVE-2022-3786
Affected products: Cortex Data, Cortex XDR, Cortex XSOAR, Cortex Xpanse, GlobalProtect, PAN-OS, Prisma Access, Prisma Cloud, Prisma SD
paloalto
CVE-2022-0027 | MEDIUM | CVSS 4.3 | 2022-05-11
CWE-285 | Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. Affected
paloalto
CVE-2022-22963 | CRITICAL | CVSS 9.8 | KEV | PoC | 2022-03-31
CWE-497 | Informational: Impact of Spring Vulnerabilities CVE-2022-22963 and CVE-2022-22965
The Palo Alto Networks Product Security Assurance team has completed its evaluation of the Spring Cloud Function vulnerability CVE-2022-22963 and Spring Core vulnerability CVE-2022-22965 for all products and services. All Palo Alto Networks cloud services with possible impact have been mitigated and
paloalto
CVE-2022-0778 | HIGH | CVSS 7.5 | 2022-03-31
CWE-834 | Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778
The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSL infinite loop vulnerability (CVE-2022-0778) as it relates to our products. This vulnerability causes the OpenSSL library to enter an infinite loop when parsing an invalid certificate and can result in a Denial-of-Service (DoS) to the application. An attacker d
paloalto
CVE-2022-0020 | MEDIUM | CVSS 5.4 | PoC | 2022-02-09
CWE-79 | Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface
A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent JavaScript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators who encounte
paloalto
CVE-2021-44228 | CRITICAL | CVSS 10.0 | KEV | PoC | 2021-12-10
CWE-94 | Impact of Log4j Vulnerabilities CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832
Apache Log4j Java library is vulnerable to a remote code execution vulnerability CVE-2021-44228, known as Log4Shell, and related vulnerabilities CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832. Log4Shell allows remote unauthenticated attackers with the ability to i
paloalto
CVE-2021-3051 | HIGH | CVSS 8.1 | 2021-09-08
CWE-347 | Cortex XSOAR: Authentication Bypass in SAML Authentication
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions on the Cortex XSOAR server.
Affected products: Cortex XSOAR
Solution:
paloalto
CVE-2021-3049 | MEDIUM | CVSS 4.3 | 2021-09-08
CWE-285 | Cortex XSOAR: Improper Authorization of Incident Investigations Vulnerability
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of.
Affected products: Cortex XSOAR
Solution: Thi
paloalto
CVE-2021-3044 | CRITICAL | CVSS 9.8 | 2021-06-22
CWE-285 | Cortex XSOAR: Unauthorized Usage of the REST API
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API.
Affected products: Cortex XSOAR
Solution: This issue is fixed in Cortex XSOAR 6.1.0 build 1271064, Cortex XSOAR 6.2.0 build 1271065, and all later C
paloalto
CVE-2021-3034 | MEDIUM | CVSS 5.1 | 2021-03-10
CWE-532 | Cortex XSOAR: Secrets for SAML single sign-on (SSO) integration may be logged in system logs
An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information
paloalto