PT-2023-1384 · Palo Alto Networks · Palo Alto Networks Cortex Xsoar

Eric Turpin

Publicado

2023-02-08

Atualizado

2024-02-16

CVE-2023-0003

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:L/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Cortex XSOAR (affected versions not specified)

Description A file disclosure issue in the Palo Alto Networks Cortex XSOAR server software allows an authenticated user with access to the web interface to read local files from the server. This is related to incorrect external control of a file name or path. Exploitation of this issue may enable a remote attacker to read arbitrary files.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-610CWE-73

Identificadores relacionados

BDU:2023-00751

CVE-2023-0003

Produtos afetados

Palo Alto Networks Cortex Xsoar

PT-2023-1384 · Palo Alto Networks · Palo Alto Networks Cortex Xsoar

CVE-2023-0003

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 19