CVE-2021-3049
low-risk
Published 2021-09-08
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex XSOAR 5.5.0 builds; Cortex XSOAR 6.1.0 builds earlier than 12099345. This issue does not impact Cortex XSOAR 6.2.0 versions.
Do I need to act?
-
0.11% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.6/10
Low
NETWORK
/ HIGH complexity
Affected Products (11)
Cortex Xsoar
Cortex Xsoar
Cortex Xsoar
Cortex Xsoar
Cortex Xsoar
Cortex Xsoar
Cortex Xsoar
Cortex Xsoar
Cortex Xsoar
Cortex Xsoar
Cortex Xsoar
Affected Vendors
References (2)
Vendor Advisory
https://security.paloaltonetworks.com/CVE-2021-3049
Vendor Advisory
https://security.paloaltonetworks.com/CVE-2021-3049
26
/ 100
low-risk
Severity
10/34 · Low
Exploitability
0/34 · Minimal
Exposure
16/34 · Moderate