CVE-2023-0003

MEDIUM

Palo Alto Networks Cortex XSOAR - Info Disclosure

Title source: llm

Description

A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.

References (11)

Scores

CVSS v3 6.5
EPSS 0.0137
EPSS Percentile 80.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-610 CWE-73
Status published

Affected Products (12)

paloaltonetworks/cortex_xsoar < 6.10.0.185964
paloaltonetworks/cortex_xsoar
paloaltonetworks/cortex_xsoar
paloaltonetworks/cortex_xsoar
paloaltonetworks/cortex_xsoar
paloaltonetworks/cortex_xsoar
paloaltonetworks/cortex_xsoar
paloaltonetworks/cortex_xsoar
paloaltonetworks/cortex_xsoar
fedoraproject/fedora
fedoraproject/fedora
fedoraproject/fedora

Timeline

Published Feb 08, 2023
Tracked Since Feb 18, 2026