Skip to main content

Cortex Xsoar Microsoft Teams Marketplace

1 CVEs product

Monthly

CVE-2026-0234 HIGH PATCH This Week

Cryptographic signature bypass in Palo Alto Networks Cortex XSOAR and XSIAM Microsoft Teams integrations (versions 1.5.0 through 1.5.51) allows unauthenticated remote attackers to access and modify protected resources. The vulnerability stems from improper JWT verification (CWE-347), enabling attackers to forge authentication tokens. With CVSS 7.2 (High complexity, network-accessible, no privileges required) and tags indicating JWT attack vectors and information disclosure potential, this represents a critical integration security flaw requiring immediate patching to version 1.5.52 or later.

Information Disclosure Microsoft Jwt Attack Cortex Xsoar Microsoft Teams Marketplace Cortex Xsiam Microsoft Teams Marketplace
NVD VulDB
CVSS 4.0
7.2
EPSS
0.0%
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Cryptographic signature bypass in Palo Alto Networks Cortex XSOAR and XSIAM Microsoft Teams integrations (versions 1.5.0 through 1.5.51) allows unauthenticated remote attackers to access and modify protected resources. The vulnerability stems from improper JWT verification (CWE-347), enabling attackers to forge authentication tokens. With CVSS 7.2 (High complexity, network-accessible, no privileges required) and tags indicating JWT attack vectors and information disclosure potential, this represents a critical integration security flaw requiring immediate patching to version 1.5.52 or later.

Information Disclosure Microsoft Jwt Attack +2
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy