CVE-2022-0027

Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports

CVSS 4.3 MEDIUMEPSS 0.5%CWE-285

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 4.3EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

11 May 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Palo Alto Networks · Cortex XSOAR

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://security.paloaltonetworks.com/CVE-2022-0027