Описание
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.5.0:2102531:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.5.0:2410815:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.5.0:2583817:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:2585049:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:2889656:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:3049220:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:3124193:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.8.0:3261002:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
EPSS
Процентиль: 6%
0.00024
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-345
CWE-345
Связанные уязвимости
CVSS3: 6.7
github
около 3 лет назад
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges.
EPSS
Процентиль: 6%
0.00024
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-345
CWE-345