First published: Wed May 11 2022
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access.

This issue impacts: all versions of Cortex XSOAR 6.1; all versions of Cortex XSOAR 6.2; all versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049.
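The defect described above is an object-level authorization gap: the report action is gated by a coarse group-role check, but the report body is assembled from every incident in the instance rather than from the set the caller is allowed to view. The Python model below is an added illustration and is not Cortex XSOAR code or its API; every user, group, incident and function name in it is constructed. It places the flawed pattern beside the corrected one and includes a regression check that returns any incident id a report exposes beyond the caller's access.

```python
"""Model of an authorization gap in report generation (CWE-285).

Constructed example: users, groups, incidents and function names are
hypothetical and do not reflect Cortex XSOAR internals. The point modelled is
that a summary/report path must apply the same per-object access filter as
the normal incident view, not only a role check on the "generate report"
action.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Incident:
    incident_id: int
    name: str
    severity: str
    owner_group: str  # group whose members may view this incident


@dataclass(frozen=True)
class User:
    name: str
    groups: frozenset  # groups the user belongs to
    read_only: bool = False


class NotAuthorized(Exception):
    """Raised when the caller may not perform the requested action."""


# Constructed sample data, not real incidents.
INCIDENTS = [
    Incident(1, "Phishing - finance mailbox", "High", "finance-soc"),
    Incident(2, "Malware - workstation", "Medium", "endpoint-soc"),
    Incident(3, "Lateral movement - DC", "Critical", "tier3"),
]

ANALYST = User("analyst", frozenset({"finance-soc"}))
ADMIN = User("admin", frozenset({"finance-soc", "endpoint-soc", "tier3"}))
VIEWER = User("viewer", frozenset({"finance-soc"}), read_only=True)


def summarize(incidents):
    """Render the summary lines that would become the email body."""
    return [f"#{i.incident_id} [{i.severity}] {i.name}" for i in incidents]


def visible_to(user, incidents):
    """Object-level filter: the same rule the incident view would apply."""
    return [i for i in incidents if i.owner_group in user.groups]


def report_vulnerable(user, incidents=INCIDENTS):
    """Flawed pattern: only the *action* is authorized.

    The check stops at "is this caller allowed to generate reports?", so the
    summary is built from every incident in the instance.
    """
    if user.read_only:
        raise NotAuthorized("read-only users cannot generate reports")
    return summarize(incidents)


def report_fixed(user, incidents=INCIDENTS):
    """Hardened pattern: authorize the action, then scope the data.

    A report is just another read path over incident records, so it reuses
    the per-object filter instead of reading the whole table.
    """
    if user.read_only:
        raise NotAuthorized("read-only users cannot generate reports")
    return summarize(visible_to(user, incidents))


def leaked_ids(report_fn, user, incidents=INCIDENTS):
    """Regression check: ids the report exposes that the caller cannot reach
    through the normal view. Empty for a correct implementation."""
    allowed = {i.incident_id for i in visible_to(user, incidents)}
    reported = {int(line.split()[0][1:]) for line in report_fn(user, incidents)}
    return sorted(reported - allowed)


def is_denied(report_fn, user, incidents=INCIDENTS):
    """True if the report function refuses the caller outright."""
    try:
        report_fn(user, incidents)
    except NotAuthorized:
        return True
    return False


if __name__ == "__main__":
    for fn in (report_vulnerable, report_fixed):
        print(fn.__name__, "leaks for analyst:", leaked_ids(fn, ANALYST))
```

Running the module shows the flawed function leaking incidents 2 and 3 to the analyst while the fixed one leaks nothing; the `leaked_ids` helper is the kind of check worth keeping in a test suite for any aggregate or export endpoint, since those paths are where object-level filters are most often forgotten.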
Credit: psirt@paloaltonetworks.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Paloaltonetworks Cortex Xsoar | >=6.6.0, <6.6.0.2585049 | Upgrade to Cortex XSOAR 6.6.0 build 6.6.0.2585049 or later |
| Paloaltonetworks Cortex Xsoar | =6.1.0 | Upgrade to Cortex XSOAR 6.6.0 build 6.6.0.2585049 or later |
| Paloaltonetworks Cortex Xsoar | =6.2.0 | Upgrade to Cortex XSOAR 6.6.0 build 6.6.0.2585049 or later |
| Paloaltonetworks Cortex Xsoar | =6.5.0 | Upgrade to Cortex XSOAR 6.6.0 build 6.6.0.2585049 or later |
This issue is fixed in Cortex XSOAR 6.6.0 build 6.6.0.2585049 and all later Cortex XSOAR versions.
The vulnerability ID for this issue is CVE-2022-0027.
CVE-2022-0027 has a severity level of medium.
The affected software is Palo Alto Networks Cortex XSOAR versions 6.1.0, 6.2.0, 6.5.0, and 6.6.0 builds earlier than 6.6.0.2585049.
The CWE ID for CVE-2022-0027 is CWE-285.
Palo Alto Networks has released a fix for this vulnerability; updating to a patched version of the Cortex XSOAR software is recommended.