VYPR

Cortex XSOAR

by Paloaltonetworks

CVEs (13)

  • CVE-2021-3044CriJun 22, 2021
    risk 0.64cvss 9.8epss 0.01

    An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. This issue impacts: Cortex XSOAR 6.1.0 builds later than…

  • CVE-2021-3051HigSep 8, 2021
    risk 0.53cvss 8.1epss 0.01

    An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions…

  • CVE-2026-0234HigApr 13, 2026
    risk 0.47cvss epss 0.00

    An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources.

  • CVE-2022-0020MedFeb 10, 2022
    risk 0.47cvss 6.8epss 0.02

    A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of…

  • CVE-2022-0031MedNov 9, 2022
    risk 0.44cvss 6.7epss 0.00

    A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges.

  • CVE-2023-3282MedNov 8, 2023
    risk 0.42cvss 6.4epss 0.00

    A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine.

  • CVE-2023-0003MedFeb 8, 2023
    risk 0.42cvss 6.5epss 0.01

    A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.

  • CVE-2024-8689MedSep 11, 2024
    risk 0.39cvss epss 0.00

    A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles.

  • CVE-2024-9470MedOct 9, 2024
    risk 0.34cvss epss 0.00

    A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data.

  • CVE-2021-3034MedMar 10, 2021
    risk 0.33cvss 5.1epss 0.00

    An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged…

  • CVE-2026-0270MedJun 10, 2026
    risk 0.31cvss epss 0.00

    A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write…

  • CVE-2022-0027MedMay 11, 2022
    risk 0.28cvss 4.3epss 0.01

    An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the…

  • CVE-2021-3049LowSep 8, 2021
    risk 0.17cvss 2.6epss 0.00

    An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue…