Marcel Maeder

**Name of the Vulnerable Software and Affected Versions** Cortex XSOAR and Cortex XSIAM (affected versions not specified) **Description** The issue is related to the storage of protected information in an unencrypted form in the ActiveMQ message broker integration. This could allow a remote attacker to expose protected information. The problem results in the cleartext exposure of the configured ActiveMQ credentials in log bundles. **Recommendations** For Cortex XSOAR and Cortex XSIAM, consider disabling the ActiveMQ integration until a patch is available to prevent the cleartext exposure of credentials. Restrict access to log bundles to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Email Security Appliance (ESA) (affected versions not specified) **Description** The issue is related to the Sender Policy Framework (SPF) component of the Cisco Email Security Appliance (ESA), which has a vulnerability due to insufficient input validation. This could allow a remote attacker to bypass configured content filters, potentially compromising the integrity of protected information. An attacker can exploit this by sending a customized SPF packet to an affected device, allowing malicious content to pass through the device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.