Medium severity5.1NVD Advisory· Published Mar 10, 2021· Updated Jun 17, 2026
CVE-2021-3034
CVE-2021-3034
Description
An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
25.5.0 < 98622, 6.0.1 < 830029, 6.0.2 < 98623, 6.1.0 < 848144+ 1 more
- (no CPE)range: 5.5.0 < 98622, 6.0.1 < 830029, 6.0.2 < 98623, 6.1.0 < 848144
- (no CPE)range: 5.5.0
Patches
Vulnerability mechanics
References
1- security.paloaltonetworks.com/CVE-2021-3034nvdVendor Advisory
News mentions
0No linked articles in our index yet.