Unauthenticated Command Injection Vulnerability in Palo Alto Networks Cortex XSOAR CommonScripts Pack
CVE-2024-5914
9.8CRITICAL
Key Information:
- Vendor
Palo Alto Networks
- Vendor
- CVE Published:
- 14 August 2024
What is CVE-2024-5914?
A command injection vulnerability exists within the Palo Alto Networks Cortex XSOAR CommonScripts Pack. This issue enables unauthenticated attackers to execute arbitrary commands in the context of an integration container, potentially compromising the integrity and security of the application. The vulnerability underscores the importance of secure coding practices in developing integrations for security solutions, as any exploitation may lead to unauthorized actions that could affect the broader security posture of an organization.