PT-2024-7785 · Palo Alto Networks+1 · Cortex Xsoar+2
Marcel Maeder
·
Published
2024-09-11
·
Updated
2024-09-12
·
CVE-2024-8689
CVSS v4.0
6.0
Medium
| Vector | AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber |
Name of the Vulnerable Software and Affected Versions
Cortex XSOAR and Cortex XSIAM (affected versions not specified)
Description
The issue is related to the storage of protected information in an unencrypted form in the ActiveMQ message broker integration. This could allow a remote attacker to expose protected information. The problem results in the cleartext exposure of the configured ActiveMQ credentials in log bundles.
Recommendations
For Cortex XSOAR and Cortex XSIAM, consider disabling the ActiveMQ integration until a patch is available to prevent the cleartext exposure of credentials.
Restrict access to log bundles to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Activemq
Cortex Xsiam
Cortex Xsoar