Cortex XSOAR: Information Disclosure Vulnerability

CVE-2024-9470

Currently unrated 🤨

Key Information

Vendor: Palo Alto Networks
Status: Cortex Xsoar
Vendor: CVE Published:; 9 October 2024

Badges

👾 Exploit Exists

Summary

A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data.

Affected Version(s)

Cortex XSOAR >= 8.0.0

Cortex XSOAR >= 6.13.0

Cortex XSOAR < 6.12.0 (Build 1271551)

Timeline

👾
Exploit exists.
Oct 10, 2024
Initial publication
Oct 9, 2024
Vulnerability published.
Oct 9, 2024

Collectors

NVD DatabaseMitre Database

Credit

Bobby Roos of Kyndryl CSIRT

.