OS Command Injection in Cortex XSOAR CommonScripts - CVE-2024-5914

 

OS Command Injection in Cortex XSOAR CommonScripts - CVE-2024-5914

Published: August 14, 2024


Vulnerability identifier: #VU96017
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2024-5914
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Palo Alto Networks, Inc.
Affected software:
Cortex XSOAR CommonScripts

Detailed vulnerability description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability requires usage of ScheduleGenericPolling or GenericPollingScheduledTask scripts from the CommonScripts pack.


How to mitigate CVE-2024-5914

Install updates from vendor's website.

Sources