Security News > 2021 > June > Palo Alto Networks Patches Critical Vulnerability in Cortex XSOAR
A security advisory published on Tuesday by Palo Alto Networks informs customers about the availability of patches for a critical vulnerability affecting the company's Cortex XSOAR product.
During an internal security review, Palo Alto Networks discovered that its Cortex XSOAR security orchestration, automation and response platform is affected by an improper authorization issue.
The flaw, tracked as CVE-2021-3044 and rated critical severity with a CVSS score of 9.8, can be exploited by a remote, unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. "This issue is not a remote code execution vulnerability. This issue enables an unauthorized attacker to perform actions on behalf of an active Cortex XSOAR integration, which includes running commands and automations in the Cortex XSOAR War Room," Palo Alto Networks explained in its advisory.
The security hole affects XSOAR versions 6.1.0 and 6.2.0 on configurations with active API key integrations.
As for mitigations, the vendor recommends revoking all active integration API keys and restricting network access to the XSOAR server.
He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia's security news reporter.
News URL
Related news
- Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining (source)
- Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks (source)
- Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability (source)
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack (source)
- Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability (source)
- A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (source)
- Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack (source)
- PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) (source)
- Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack (source)
- Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-22 | CVE-2021-3044 | Unspecified vulnerability in Paloaltonetworks Cortex Xsoar 6.1.0/6.2.0 An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. | 7.5 |