Information disclosure in Cortex XSOAR



Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-9470
CWE-ID CWE-284
Exploitation vector Network
Public exploit N/A
Vulnerable software
Cortex XSOAR
Server applications / DLP, anti-spam, sniffers

Vendor Palo Alto Networks, Inc.

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Improper access control

EUVDB-ID: #VU98347

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9470

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote user can bypass implemented security restrictions and gain unauthorized access to incident data they are not supposed to access.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cortex XSOAR: 6.0.1 build 81077 - 6.12.0 493375

CPE2.3 External links

http://security.paloaltonetworks.com/CVE-2024-9470


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###