Cortex XSOAR: Improper Authorization of Incident Investigations Vulnerability
CVE-2021-3049
2.6LOW
Key Information
- Vendor
- Palo Alto Networks
- Status
- Cortex Xsoar
- Vendor
- CVE Published:
- 8 September 2021
Badges
👾 Exploit Exists
Summary
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex XSOAR 5.5.0 builds; Cortex XSOAR 6.1.0 builds earlier than 12099345. This issue does not impact Cortex XSOAR 6.2.0 versions.
Affected Version(s)
Cortex XSOAR = 5.5.0 all
Cortex XSOAR >= 6.2.0 all
Cortex XSOAR < 12099345
CVSS V3.1
Score:
2.6
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
- 👾
Exploit exists.
Risk change from: 4.3 to: 2.6 - (LOW)
Initial publication
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Palo Alto Networks would like to thank CAGIP for discovering and reporting this issue.