Improper access control in Cortex XSOAR - CVE-2022-0027
Published: May 11, 2022
Vulnerability identifier: #VU63076
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-0027
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Palo Alto Networks, Inc.
Affected software:
Cortex XSOAR
Cortex XSOAR
Detailed vulnerability description
The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote user in non-Read-Only groups can generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access.
How to mitigate CVE-2022-0027
Install updates from vendor's website.