PT-2023-1384 · Palo Alto Networks · Palo Alto Networks Cortex Xsoar
Eric Turpin
·
Published
2023-02-08
·
Updated
2024-02-16
·
CVE-2023-0003
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Palo Alto Networks Cortex XSOAR (affected versions not specified)
Description
A file disclosure issue in the Palo Alto Networks Cortex XSOAR server software allows an authenticated user with access to the web interface to read local files from the server. This is related to incorrect external control of a file name or path. Exploitation of this issue may enable a remote attacker to read arbitrary files.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Palo Alto Networks Cortex Xsoar