CVE-2023-0003

Cortex XSOAR: Local File Disclosure Vulnerability in the Cortex XSOAR Server

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.

*Credits: Palo Alto Networks thanks Eric Turpin for discovering and reporting this issue.

CVSS Scores

NISTv3.1 6.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-10-27 CVE Reserved
2023-02-08 CVE Published
2024-08-02 CVE Updated
2024-08-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-73: External Control of File Name or Path
CWE-610: Externally Controlled Reference to a Resource in Another Sphere

CAPEC

References (11)

URL	Tag	Source
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y	Mailing List

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://security.paloaltonetworks.com/CVE-2023-0003	2024-02-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Paloaltonetworks Search vendor "Paloaltonetworks"		Cortex Xsoar Search vendor "Paloaltonetworks" for product "Cortex Xsoar"				>= 6.10.0 < 6.10.0.185964 Search vendor "Paloaltonetworks" for product "Cortex Xsoar" and version " >= 6.10.0 < 6.10.0.185964"		-		Affected
Paloaltonetworks Search vendor "Paloaltonetworks"		Cortex Xsoar Search vendor "Paloaltonetworks" for product "Cortex Xsoar"				6.6.0 Search vendor "Paloaltonetworks" for product "Cortex Xsoar" and version "6.6.0"		2585049		Affected
Paloaltonetworks Search vendor "Paloaltonetworks"		Cortex Xsoar Search vendor "Paloaltonetworks" for product "Cortex Xsoar"				6.6.0 Search vendor "Paloaltonetworks" for product "Cortex Xsoar" and version "6.6.0"		2889656		Affected
Paloaltonetworks Search vendor "Paloaltonetworks"		Cortex Xsoar Search vendor "Paloaltonetworks" for product "Cortex Xsoar"				6.6.0 Search vendor "Paloaltonetworks" for product "Cortex Xsoar" and version "6.6.0"		3049220		Affected
Paloaltonetworks Search vendor "Paloaltonetworks"		Cortex Xsoar Search vendor "Paloaltonetworks" for product "Cortex Xsoar"				6.6.0 Search vendor "Paloaltonetworks" for product "Cortex Xsoar" and version "6.6.0"		3124193		Affected
Paloaltonetworks Search vendor "Paloaltonetworks"		Cortex Xsoar Search vendor "Paloaltonetworks" for product "Cortex Xsoar"				6.8.0 Search vendor "Paloaltonetworks" for product "Cortex Xsoar" and version "6.8.0"		176620		Affected
Paloaltonetworks Search vendor "Paloaltonetworks"		Cortex Xsoar Search vendor "Paloaltonetworks" for product "Cortex Xsoar"				6.8.0 Search vendor "Paloaltonetworks" for product "Cortex Xsoar" and version "6.8.0"		3261002		Affected
Paloaltonetworks Search vendor "Paloaltonetworks"		Cortex Xsoar Search vendor "Paloaltonetworks" for product "Cortex Xsoar"				6.9.0 Search vendor "Paloaltonetworks" for product "Cortex Xsoar" and version "6.9.0"		130766		Affected
Paloaltonetworks Search vendor "Paloaltonetworks"		Cortex Xsoar Search vendor "Paloaltonetworks" for product "Cortex Xsoar"				6.9.0 Search vendor "Paloaltonetworks" for product "Cortex Xsoar" and version "6.9.0"		177754		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				37 Search vendor "Fedoraproject" for product "Fedora" and version "37"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				38 Search vendor "Fedoraproject" for product "Fedora" and version "38"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				39 Search vendor "Fedoraproject" for product "Fedora" and version "39"		-		Affected