CVE Vulnerability

CVE-2023-0003

A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://security.paloaltonetworks.com/CVE-2023-0003 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.8.0:3261002:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:2585049:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:2889656:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:3049220:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:3124193:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.8.0:176620:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:*:*:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.9.0:177754:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.9.0:130766:*:*:*:*:*:*
Information

Published : 2023-02-08 06:15

Updated : 2023-02-18 08:45

NVD link : CVE-2023-0003

Mitre link : CVE-2023-0003

Products Affected

Cortex Xsoar

Paloaltonetworks

CWE
CWE-610