Lucene search
Palo_altoCVELIST:CVE-2024-5914HistoryAug 14, 2024 - 4:40 p.m.
CVE-2024-5914 Cortex XSOAR: Command Injection in CommonScripts Pack
2024-08-1416:40:00
CWE-77
palo_alto
www.cve.org
10
cortex xsoar
command injection
palo alto networks
commonscripts pack
unauthenticated attacker
arbitrary commands
integration container
CVSS4
7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/SC:H/VI:L/SI:H/VA:L/SA:N/AU:N/U:Amber/R:U/V:D/RE:M
EPSS
0.001
Percentile
39.1%
A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Cortex XSOAR CommonScripts",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.12.33",
"status": "unaffected"
}
],
"lessThan": "1.12.33",
"status": "affected",
"version": "1.12",
"versionType": "custom"
}
]
}
]Related
paloalto
paloalto
Cortex XSOAR: Command Injection in CommonScripts Pack
2024-08-14 16:00:00
vulnrichment
vulnrichment
CVE-2024-5914 Cortex XSOAR: Command Injection in CommonScripts Pack
2024-08-14 16:40:00
nvd
nvd
CVE-2024-5914
2024-08-14 17:15:18
cve
cve
CVE-2024-5914
2024-08-14 17:15:18
thn
thn
SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software
2024-08-15 13:19:00
CVSS4
7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/SC:H/VI:L/SI:H/VA:L/SA:N/AU:N/U:Amber/R:U/V:D/RE:M
EPSS
0.001
Percentile
39.1%
Related for CVELIST:CVE-2024-5914