Improper Authorization in Cortex XSOAR - CVE-2021-3044

 

Improper Authorization in Cortex XSOAR - CVE-2021-3044

Published: June 22, 2021


Vulnerability identifier: #VU54313
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2021-3044
CWE-ID: CWE-285
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Palo Alto Networks, Inc.
Affected software:
Cortex XSOAR

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists due to an error in the REST API. A remote attacker can bypass authentication process and gain unauthorized access to the application.

Note, this vulnerability affects only to Cortex XSOAR configurations with active API key integrations.


How to mitigate CVE-2021-3044

Install updates from vendor's website.

Sources