Improper Authorization in Cortex XSOAR - CVE-2021-3044
Published: June 22, 2021
Vulnerability identifier: #VU54313
CSH Severity: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2021-3044
CWE-ID: CWE-285
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Cortex XSOAR
Cortex XSOAR
Software vendor:
Palo Alto Networks, Inc.
Palo Alto Networks, Inc.
Description
The vulnerability allows a remote attacker to bypass authorization checks.
The vulnerability exists due to an error in the REST API. A remote attacker can bypass authentication process and gain unauthorized access to the application.
Note, this vulnerability affects only to Cortex XSOAR configurations with active API key integrations.
Remediation
Install updates from vendor's website.