Palo Alto Networks · Palo Alto Networks Cortex Xsoar · CVE-2023-0003
**Name of the Vulnerable Software and Affected Versions**
Palo Alto Networks Cortex XSOAR (affected versions not specified)
**Description**
A file disclosure issue in the Palo Alto Networks Cortex XSOAR server software allows an authenticated user with access to the web interface to read local files from the server. This is related to incorrect external control of a file name or path. Exploitation of this issue may enable a remote attacker to read arbitrary files.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.