CVE-2025-2184

MEDIUM

Palo Alto Networks Cortex XDR - Info Disclosure

Title source: llm

Description

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have network access to the Broker VM to exploit this issue.

References (1)

[Various Sources] https://security.paloaltonetworks.com/CVE-2025-2184

Scores

CVSS v4 5.3

EPSS 0.0003

EPSS Percentile 10.2%

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1392

Status published

Products (1)

Palo Alto Networks/Cortex XDR Broker VM 28.0.0 - 28.0.52

Published Aug 13, 2025

Tracked Since Feb 18, 2026