Credential Management Flaw in Palo Alto Networks Cortex XDR Broker VM
CVE-2025-2184

5.3MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cortex Xdr Broker Vm
Vendor: CVE Published:; 13 August 2025

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-2184?

A security vulnerability exists within Palo Alto Networks Cortex XDR Broker VM that allows multiple images of Broker VM to use identical default credentials for internal services. An attacker who has network access to the Broker VM can exploit this flaw to gain unauthorized access to internal services on other installations, raising significant security concerns for organizations reliant on this technology.

Affected Version(s)

Cortex XDR Broker VM 28.0.0 < 28.0.52

References

https://security.paloaltonetworks.com/CVE-2025-2184

vendor-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Aug 13, 2025
Vulnerability published
Aug 13, 2025
Vulnerability Reserved
Mar 10, 2025

Credit

This issue was discovered during an internal penetration test.