Skip to main content

CommvaultSecurityIQ Integration CVE-2026-0274

| EUVDEUVD-2026-36150 HIGH
Weak Authentication (CWE-1390)
2026-06-10 palo_alto GHSA-fx9p-pvqh-vrhg
8.1
CVSS 4.0 · Vendor: palo_alto
Share

Severity by source

Vendor (palo_alto) PRIMARY
8.1 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Red
vuln.today AI
9.1 CRITICAL

Description states unauthenticated network access to read and modify protected resources, so AV:N/AC:L/PR:N/UI:N with C:H and I:H; availability impact is not described, so A:N.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (palo_alto).

CVSS VectorVendor: palo_alto

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Red
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Patch available
Jun 10, 2026 - 23:01 EUVD
Analysis Generated
Jun 10, 2026 - 22:01 vuln.today

DescriptionCVE.org

An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected resources.

AnalysisAI

Improper credential validation in the CommvaultSecurityIQ integration for Palo Alto Networks Cortex XSOAR and Cortex XSIAM allows remote attackers to read and modify protected resources without authentication. The CVSS 4.0 base score of 8.1 reflects high impact to confidentiality, integrity, and availability across a network-reachable attack surface, though no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify Cortex tenant with CommvaultSecurityIQ pack
Delivery
Reach integration endpoint over network
Exploit
Send request bypassing credential check
Execution
Access protected Commvault resources
Impact
Modify or exfiltrate backup data

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target Cortex XSOAR or Cortex XSIAM tenant has the CommvaultSecurityIQ marketplace integration installed and enabled, and that the attacker has network reachability to the tenant endpoint serving the integration. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H) indicates a network-reachable, low-complexity, unauthenticated path with high impact to the vulnerable system, which on paper is a high-priority issue; however, the threat-intelligence sub-vector E:U (exploit maturity Unproven), the absence from CISA KEV, the lack of a public PoC, and the limited deployment surface (only environments that have installed and configured the CommvaultSecurityIQ integration) substantially lower realistic risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A remote attacker who can reach the Cortex XSOAR or XSIAM tenant endpoints hosting the CommvaultSecurityIQ integration sends crafted requests that bypass credential validation, then queries or modifies Commvault-managed resources such as backup job metadata, retention policies, or stored secrets. Because the issue requires no authentication and no user interaction, exploitation could be scripted, but no public exploit identified at time of analysis limits opportunistic abuse to actors with their own research.
Remediation Patch available per vendor advisory: review https://security.paloaltonetworks.com/CVE-2026-0274 and update the CommvaultSecurityIQ marketplace content pack in both Cortex XSOAR and Cortex XSIAM tenants to the fixed version listed by Palo Alto Networks. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: identify all XSOAR and XSIAM deployments using CommvaultSecurityIQ integration and assess external network exposure. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-0274 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy