Lucene search

[email protected]CVE-2022-0029

HistorySep 14, 2022 - 5:15 p.m.

CVE-2022-0029

2022-09-1417:15:10

CWE-59

[email protected]

web.nvd.nist.gov

cve-2022-0029

palo alto networks

cortex xdr

windows

vulnerability

local attacker

file read

elevated privileges

tech support file

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file.

Affected configurations

NVD

Node

microsoftwindowsMatch-

AND

paloaltonetworkscortex_xdr_agentRange5.0–5.0.12

paloaltonetworkscortex_xdr_agentRange7.5–7.5.101critical_environment

paloaltonetworkscortex_xdr_agentRange7.7–7.7.3

CPENameOperatorVersion
paloaltonetworks:cortex_xdr_agentpaloaltonetworks cortex xdr agentlt5.0.12
paloaltonetworks:cortex_xdr_agentpaloaltonetworks cortex xdr agentlt7.5.101
paloaltonetworks:cortex_xdr_agentpaloaltonetworks cortex xdr agentlt7.7.3

CPE	Name	Operator	Version
paloaltonetworks:cortex_xdr_agent	paloaltonetworks cortex xdr agent	lt	5.0.12
paloaltonetworks:cortex_xdr_agent	paloaltonetworks cortex xdr agent	lt	7.5.101
paloaltonetworks:cortex_xdr_agent	paloaltonetworks cortex xdr agent	lt	7.7.3

CNA Affected

[
  {
    "platforms": [
      "Windows"
    ],
    "product": "Cortex XDR Agent",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "lessThan": "7.7.3",
        "status": "affected",
        "version": "7.7",
        "versionType": "custom"
      },
      {
        "lessThan": "7.5.101-CE",
        "status": "affected",
        "version": "7.5 CE",
        "versionType": "custom"
      },
      {
        "lessThan": "5.0.12-hotfix update",
        "status": "affected",
        "version": "5.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Cortex XDR Agent",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "7.8 all"
      },
      {
        "lessThan": "7.7*",
        "status": "unaffected",
        "version": "7.7.3",
        "versionType": "custom"
      },
      {
        "lessThan": "7.5 CE*",
        "status": "unaffected",
        "version": "7.5.101-CE",
        "versionType": "custom"
      },
      {
        "lessThan": "5.0*",
        "status": "unaffected",
        "version": "5.0.12-hotfix update",
        "versionType": "custom"
      }
    ]
  }
]

References

security.paloaltonetworks.com/CVE-2022-0029

Social References

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-0029

prion1 paloalto1 nvd1 cvelist1