Security News > 2021 > June > Palo Alto Networks Patches Critical Vulnerability in Cortex XSOAR

Palo Alto Networks Patches Critical Vulnerability in Cortex XSOAR
2021-06-23 08:45

A security advisory published on Tuesday by Palo Alto Networks informs customers about the availability of patches for a critical vulnerability affecting the company's Cortex XSOAR product.

During an internal security review, Palo Alto Networks discovered that its Cortex XSOAR security orchestration, automation and response platform is affected by an improper authorization issue.

The flaw, tracked as CVE-2021-3044 and rated critical severity with a CVSS score of 9.8, can be exploited by a remote, unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. "This issue is not a remote code execution vulnerability. This issue enables an unauthorized attacker to perform actions on behalf of an active Cortex XSOAR integration, which includes running commands and automations in the Cortex XSOAR War Room," Palo Alto Networks explained in its advisory.

The security hole affects XSOAR versions 6.1.0 and 6.2.0 on configurations with active API key integrations.

As for mitigations, the vendor recommends revoking all active integration API keys and restricting network access to the XSOAR server.

He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia's security news reporter.


News URL

http://feedproxy.google.com/~r/securityweek/~3/1eDMn7lxQBA/palo-alto-networks-patches-critical-vulnerability-cortex-xsoar

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-06-22 CVE-2021-3044 Unspecified vulnerability in Paloaltonetworks Cortex Xsoar 6.1.0/6.2.0
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API.
0.0