Vulnerabilities > Paloaltonetworks > Cortex Xsoar > 5.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-3282 | Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Cortex Xsoar A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine. | 6.7 |
| 2021-09-08 | CVE-2021-3049 | Unspecified vulnerability in Paloaltonetworks Cortex Xsoar 5.5.0/6.1.0 An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. | 4.3 |
| 2021-09-08 | CVE-2021-3051 | Improper Verification of Cryptographic Signature vulnerability in Paloaltonetworks Cortex Xsoar An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions on the Cortex XSOAR server. | 8.1 |