CVE-2023-0001 – Cortex XDR Agent: Cleartext Exposure of Agent Admin Password
https://notcve.org/view.php?id=CVE-2023-0001
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent. • https://security.paloaltonetworks.com/CVE-2023-0001 • CWE-319: Cleartext Transmission of Sensitive Information
CVE-2022-0031 – Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
https://notcve.org/view.php?id=CVE-2022-0031
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2022-0031 • CWE-345: Insufficient Verification of Data Authenticity
CVE-2022-0030 – PAN-OS: Authentication Bypass in Web Interface
https://notcve.org/view.php?id=CVE-2022-0030
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions. • https://security.paloaltonetworks.com/CVE-2022-0030 • CWE-290: Authentication Bypass by Spoofing
CVE-2022-0029 – Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File
https://notcve.org/view.php?id=CVE-2022-0029
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file. • https://security.paloaltonetworks.com/CVE-2022-0029 • CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2022-0028 – Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-0028
A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. • https://security.paloaltonetworks.com/CVE-2022-0028 • CWE-406: Insufficient Control of Network Message Volume (Network Amplification)