Skip to main content

Cortex Xsoar

9 CVEs product

Monthly

CVE-2026-0270 MEDIUM PATCH This Month

Path traversal in Palo Alto Networks Cortex XSOAR engine on Linux enables arbitrary file write to the host system by an unauthenticated adjacent-network attacker who can intercept and manipulate outbound network response traffic via MITM. The referenced NVD entry for CVE-2007-4559 - the canonical Python tarfile path traversal - strongly suggests XSOAR's content pack or update download pipeline uses Python's tarfile module without path sanitization, allowing a poisoned archive to escape the extraction directory. No public exploit code has been identified at time of analysis, and the CVSS 4.0 supplemental metrics classify exploitation as unreported (E:U), though the attack is rated automatable (AU:Y) once MITM positioning is achieved.

Path Traversal Paloalto Cortex Xsoar
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2023-3282 MEDIUM This Month

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Cortex Xsoar
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-0003 MEDIUM This Month

A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Paloalto Cortex Xsoar Fedora
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-0031 MEDIUM This Month

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Privilege Escalation Cortex Xsoar
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-0027 MEDIUM This Month

An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Paloalto Cortex Xsoar
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-3051 HIGH This Week

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Paloalto Jwt Attack Cortex Xsoar
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2021-3049 MEDIUM This Month

An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Cortex Xsoar
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-3044 CRITICAL Act Now

An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Cortex Xsoar
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-3034 MEDIUM This Month

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cortex Xsoar
NVD
CVSS 3.1
5.1
EPSS
0.2%
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Path traversal in Palo Alto Networks Cortex XSOAR engine on Linux enables arbitrary file write to the host system by an unauthenticated adjacent-network attacker who can intercept and manipulate outbound network response traffic via MITM. The referenced NVD entry for CVE-2007-4559 - the canonical Python tarfile path traversal - strongly suggests XSOAR's content pack or update download pipeline uses Python's tarfile module without path sanitization, allowing a poisoned archive to escape the extraction directory. No public exploit code has been identified at time of analysis, and the CVSS 4.0 supplemental metrics classify exploitation as unreported (E:U), though the attack is rated automatable (AU:Y) once MITM positioning is achieved.

Path Traversal Paloalto Cortex Xsoar
NVD VulDB
EPSS 0% CVSS 6.7
MEDIUM This Month

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Cortex Xsoar
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Paloalto Cortex Xsoar +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Privilege Escalation Cortex Xsoar
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Paloalto Cortex Xsoar
NVD
EPSS 1% CVSS 8.1
HIGH This Week

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Paloalto Jwt Attack +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Cortex Xsoar
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Cortex Xsoar
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cortex Xsoar
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy