Vulnerabilities > Paloaltonetworks > Cortex Xsoar > 5.5.0

DATE CVE VULNERABILITY TITLE RISK
2023-11-08 CVE-2023-3282 Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Cortex Xsoar
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine.
local
low complexity
paloaltonetworks CWE-732
6.7
2021-09-08 CVE-2021-3049 Unspecified vulnerability in Paloaltonetworks Cortex Xsoar 5.5.0/6.1.0
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of.
network
low complexity
paloaltonetworks
4.3
2021-09-08 CVE-2021-3051 Improper Verification of Cryptographic Signature vulnerability in Paloaltonetworks Cortex Xsoar
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions on the Cortex XSOAR server.
network
high complexity
paloaltonetworks CWE-347
8.1