Security News > 2021 > June > Palo Alto Networks Patches Critical Vulnerability in Cortex XSOAR
A security advisory published on Tuesday by Palo Alto Networks informs customers about the availability of patches for a critical vulnerability affecting the company's Cortex XSOAR product.
During an internal security review, Palo Alto Networks discovered that its Cortex XSOAR security orchestration, automation and response platform is affected by an improper authorization issue.
The flaw, tracked as CVE-2021-3044 and rated critical severity with a CVSS score of 9.8, can be exploited by a remote, unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. "This issue is not a remote code execution vulnerability. This issue enables an unauthorized attacker to perform actions on behalf of an active Cortex XSOAR integration, which includes running commands and automations in the Cortex XSOAR War Room," Palo Alto Networks explained in its advisory.
The security hole affects XSOAR versions 6.1.0 and 6.2.0 on configurations with active API key integrations.
As for mitigations, the vendor recommends revoking all active integration API keys and restricting network access to the XSOAR server.
He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia's security news reporter.
News URL
Related news
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) (source)
- Palo Alto Networks warns of potential PAN-OS RCE vulnerability (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites (source)
- Palo Alto Networks tackles firewall-busting zero-days with critical patches (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-22 | CVE-2021-3044 | Unspecified vulnerability in Paloaltonetworks Cortex Xsoar 6.1.0/6.2.0 An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. | 0.0 |