Paul Van Der Haas

**Name of the Vulnerable Software and Affected Versions** ReCrystallize Server version 5.10.0.0 **Description** The issue concerns an authorization mechanism that relies on the value of a cookie but does not bind this value to a session ID. This allows attackers to easily modify the cookie value within a browser or by implementing client-side code outside of a browser, thereby bypassing the authentication mechanism by modifying the cookie to contain an expected value. **Recommendations** For ReCrystallize Server version 5.10.0.0, consider implementing a secure binding of cookie values to session IDs to prevent unauthorized access. As a temporary workaround, restrict access to sensitive areas of the server that rely on the cookie-based authentication mechanism until a proper fix is implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ReCrystallize Server version 5.10.0.0 **Description** The issue allows administrators to upload files to the server without restrictions, leading to the potential upload of malicious files. This could result in Remote Code Execution. **Recommendations** For ReCrystallize Server version 5.10.0.0, restrict file upload capabilities to prevent the upload of malicious files until a patch is available. As a temporary workaround, consider implementing strict validation and sanitization of uploaded files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cortex XDR Agent versions prior to 5.0.10 Cortex XDR Agent versions prior to 6.1.7 Cortex XDR Agent versions prior to 7.0.3 Cortex XDR Agent versions prior to 7.1.2 **Description** An improper handling of exceptional conditions issue allows a local authenticated Windows user to create files in the software's internal program directory, preventing the Cortex XDR Agent from starting. The condition is persistent and prevents the agent from starting when the software or machine is restarted. **Recommendations** For versions prior to 5.0.10, update to version 5.0.10 or later. For versions prior to 6.1.7, update to version 6.1.7 or later. For versions prior to 7.0.3, update to version 7.0.3 or later. For versions prior to 7.1.2, update to version 7.1.2 or later.