How does CVE-2023-3282 affect Palo Alto Networks Cortex XSOAR?

CVE-2023-3282 allows a local attacker with shell access to the Cortex XSOAR engine to execute programs with elevated privileges.

What is the severity rating for CVE-2023-3282?

CVE-2023-3282 has a severity rating of 6.4, which is considered medium.

How can I mitigate CVE-2023-3282?

To mitigate CVE-2023-3282, it is recommended to update the Palo Alto Networks Cortex XSOAR engine software to version 6.10.1 or later.

Where can I find more information about CVE-2023-3282?

For more information about CVE-2023-3282, you can visit the Palo Alto Networks security advisory at https://security.paloaltonetworks.com/CVE-2023-3282.

Vulnerability/
CVE-2023-3282

medium

6.7

CWE

732

8/11/2023

2/8/2024

CVE-2023-3282: Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine

Q: What is CVE-2023-3282?

CVE-2023-3282 is a local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system.

First published: Wed Nov 08 2023(Updated: )

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine.

Credit: psirt@paloaltonetworks.com

Affected Software	Affected Version	How to fix
Paloaltonetworks Cortex Xsoar	<6.10.0
Linux Linux kernel

Remedy

This issue is fixed in deployed Cortex XSOAR engines when an updated engine installer is created and used to upgrade the engine from Cortex XSOAR 6.10 build B250144 and all later builds of Cortex XSOAR.

Never miss a vulnerability like this again

Reference Links

https://security.paloaltonetworks.com/CVE-2023-3282

Frequently Asked Questions

What is CVE-2023-3282?
CVE-2023-3282 is a local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system.
How does CVE-2023-3282 affect Palo Alto Networks Cortex XSOAR?
CVE-2023-3282 allows a local attacker with shell access to the Cortex XSOAR engine to execute programs with elevated privileges.
What is the severity rating for CVE-2023-3282?
CVE-2023-3282 has a severity rating of 6.4, which is considered medium.
How can I mitigate CVE-2023-3282?
To mitigate CVE-2023-3282, it is recommended to update the Palo Alto Networks Cortex XSOAR engine software to version 6.10.1 or later.
Where can I find more information about CVE-2023-3282?
For more information about CVE-2023-3282, you can visit the Palo Alto Networks security advisory at https://security.paloaltonetworks.com/CVE-2023-3282.

collector/nvd-api
agent/weakness
agent/severity
agent/title
agent/references
agent/author
agent/type
agent/tags
agent/event
agent/description
agent/last-modified-date
agent/remedy
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/paloaltonetworks
canonical/paloaltonetworks cortex xsoar
vendor/linux
canonical/linux linux kernel

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.