Description
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host.
References (2)
Core 2
Core References
Related, Third Party Advisory related
third-party-advisory
CVE-2007-4559: Python tarfile module path traversal
https://nvd.nist.gov/vuln/detail/CVE-2007-4559
Vendor Advisory vendor-advisory
https://security.paloaltonetworks.com/CVE-2026-0270
Scores
CVSS v4
4.8
EPSS
0.0016
EPSS Percentile
5.0%
CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-22
Status
published
Products (7)
Palo Alto Networks/Cortex XSOAR
6.12.0
Palo Alto Networks/Cortex XSOAR
6.13.0
Palo Alto Networks/Cortex XSOAR
6.14.0
Palo Alto Networks/Cortex XSOAR
8.10.0
Palo Alto Networks/Cortex XSOAR
8.11.0
Palo Alto Networks/Cortex XSOAR
8.12.0
Palo Alto Networks/Cortex XSOAR
8.13 - 8.13.0.11
Published
Jun 10, 2026
Tracked Since
Jun 11, 2026