First published: Wed Sep 08 2021(Updated: )
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex XSOAR 5.5.0 builds; Cortex XSOAR 6.1.0 builds earlier than 12099345. This issue does not impact Cortex XSOAR 6.2.0 versions.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Paloaltonetworks Cortex Xsoar | =5.5.0 | |
Paloaltonetworks Cortex Xsoar | =5.5.0-70066 | |
Paloaltonetworks Cortex Xsoar | =5.5.0-73387 | |
Paloaltonetworks Cortex Xsoar | =5.5.0-75211 | |
Paloaltonetworks Cortex Xsoar | =5.5.0-78518 | |
Paloaltonetworks Cortex Xsoar | =5.5.0-94592 | |
Paloaltonetworks Cortex Xsoar | =6.1.0 | |
Paloaltonetworks Cortex Xsoar | =6.1.0-1016923 | |
Paloaltonetworks Cortex Xsoar | =6.1.0-1031903 | |
Paloaltonetworks Cortex Xsoar | =6.1.0-1077664 | |
Paloaltonetworks Cortex Xsoar | =6.1.0-848144 |
This issue is fixed in Cortex XSOAR 6.1.0 build 12099345 and all later Cortex XSOAR versions. There are currently no Cortex XSOAR 5.5.0 updates available for this issue.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-3049 is an improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server.
CVE-2021-3049 enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of.
The severity of CVE-2021-3049 is medium with a CVSS score of 4.3.
CVE-2021-3049 impacts all versions of Palo Alto Networks Cortex XSOAR 5.5.0, 6.1.0, and their respective subversions.
To fix CVE-2021-3049, update your Palo Alto Networks Cortex XSOAR server to a patched version.