CWE
345
Advisory Published
Updated

CVE-2022-0031: Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine

First published: Wed Nov 09 2022(Updated: )

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges.

Credit: psirt@paloaltonetworks.com

Affected SoftwareAffected VersionHow to fix
Paloaltonetworks Cortex Xsoar=6.5.0-2102531
Paloaltonetworks Cortex Xsoar=6.5.0-2410815
Paloaltonetworks Cortex Xsoar=6.5.0-2583817
Paloaltonetworks Cortex Xsoar=6.6.0-2585049
Paloaltonetworks Cortex Xsoar=6.6.0-2889656
Paloaltonetworks Cortex Xsoar=6.6.0-3049220
Paloaltonetworks Cortex Xsoar=6.6.0-3124193
Paloaltonetworks Cortex Xsoar=6.8.0-3261002
Linux Linux kernel

Remedy

This issue is fixed in Cortex XSOAR engine software available in Cortex XSOAR 6.9.0 build 130766 and all later versions of Cortex XSOAR.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2022-0031?

    CVE-2022-0031 is a local privilege escalation vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system.

  • How does CVE-2022-0031 impact Palo Alto Networks Cortex XSOAR?

    CVE-2022-0031 allows a local attacker with shell access to the engine to execute programs with elevated privileges, potentially leading to unauthorized actions on the system.

  • Which versions of Palo Alto Networks Cortex XSOAR are affected by CVE-2022-0031?

    Palo Alto Networks Cortex XSOAR versions 6.5.0-2102531, 6.5.0-2410815, 6.5.0-2583817, 6.6.0-2585049, 6.6.0-2889656, 6.6.0-3049220, 6.6.0-3124193, and 6.8.0-3261002 are affected by CVE-2022-0031.

  • What is the severity of CVE-2022-0031?

    CVE-2022-0031 has a severity rating of 6.7 (medium).

  • Is the Linux operating system vulnerable to CVE-2022-0031?

    No, the Linux operating system itself is not vulnerable to CVE-2022-0031.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203