Vulnerabilities > Paloaltonetworks > Cortex Xsoar > 6.9.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-3282 | Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Cortex Xsoar A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine. | 6.7 |
| 2023-02-08 | CVE-2023-0003 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server. | 6.5 |