CVE-2022-0012
Cortex XDR Agent: Local Arbitrary File Deletion Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2.
Se presenta una vulnerabilidad de resolución de enlaces inapropiada antes del acceso a archivos en el agente Cortex XDR de Palo Alto Networks en plataformas Windows que permite a un usuario local eliminar archivos arbitrarios del sistema y afectar a la integridad del sistema o causar una condición de denegación de servicio. Este problema afecta: Agente Cortex XDR versiones 5.0 anteriores al agente Cortex XDR 5.0.12; Agente Cortex XDR versiones 6.1 anteriores al agente Cortex XDR 6.1.9; Agente Cortex XDR versiones7.2 anteriores al agente Cortex XDR 7.2.4; Agente Cortex XDR versiones7.3 anteriores al agente Cortex XDR 7.3.2
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-12-28 CVE Reserved
- 2022-01-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-59: Improper Link Resolution Before File Access ('Link Following')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.paloaltonetworks.com/CVE-2022-0012 | 2022-01-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Paloaltonetworks Search vendor "Paloaltonetworks" | Cortex Xdr Agent Search vendor "Paloaltonetworks" for product "Cortex Xdr Agent" | >= 5.0 < 5.0.12 Search vendor "Paloaltonetworks" for product "Cortex Xdr Agent" and version " >= 5.0 < 5.0.12" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Paloaltonetworks Search vendor "Paloaltonetworks" | Cortex Xdr Agent Search vendor "Paloaltonetworks" for product "Cortex Xdr Agent" | >= 6.1 < 6.1.9 Search vendor "Paloaltonetworks" for product "Cortex Xdr Agent" and version " >= 6.1 < 6.1.9" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Paloaltonetworks Search vendor "Paloaltonetworks" | Cortex Xdr Agent Search vendor "Paloaltonetworks" for product "Cortex Xdr Agent" | >= 7.2 < 7.2.4 Search vendor "Paloaltonetworks" for product "Cortex Xdr Agent" and version " >= 7.2 < 7.2.4" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Paloaltonetworks Search vendor "Paloaltonetworks" | Cortex Xdr Agent Search vendor "Paloaltonetworks" for product "Cortex Xdr Agent" | >= 7.3 < 7.3.2 Search vendor "Paloaltonetworks" for product "Cortex Xdr Agent" and version " >= 7.3 < 7.3.2" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|