Lucene search

[email protected]NVD:CVE-2023-0003

HistoryFeb 08, 2023 - 6:15 p.m.

CVE-2023-0003

2023-02-0818:15:11

CWE-73

CWE-610

[email protected]

web.nvd.nist.gov

palo alto networks

cortex xsoar

file disclosure

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.1%

JSON

A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.

Affected configurations

NVD

Node

paloaltonetworkscortex_xsoarRange6.10.0–6.10.0.185964

paloaltonetworkscortex_xsoarMatch6.6.02585049

paloaltonetworkscortex_xsoarMatch6.6.02889656

paloaltonetworkscortex_xsoarMatch6.6.03049220

paloaltonetworkscortex_xsoarMatch6.6.03124193

paloaltonetworkscortex_xsoarMatch6.8.0176620

paloaltonetworkscortex_xsoarMatch6.8.03261002

paloaltonetworkscortex_xsoarMatch6.9.0130766

paloaltonetworkscortex_xsoarMatch6.9.0177754

Node

fedoraprojectfedoraMatch37

fedoraprojectfedoraMatch38

fedoraprojectfedoraMatch39

References

lists.fedoraproject.org/archives/list/[email protected]/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/

lists.fedoraproject.org/archives/list/[email protected]/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/

lists.fedoraproject.org/archives/list/[email protected]/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/

lists.fedoraproject.org/archives/list/[email protected]/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE/

lists.fedoraproject.org/archives/list/[email protected]/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/

lists.fedoraproject.org/archives/list/[email protected]/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/

lists.fedoraproject.org/archives/list/[email protected]/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY/

lists.fedoraproject.org/archives/list/[email protected]/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5/

lists.fedoraproject.org/archives/list/[email protected]/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76/

lists.fedoraproject.org/archives/list/[email protected]/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/

security.paloaltonetworks.com/CVE-2023-0003

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.1%

JSON

Related for NVD:CVE-2023-0003

cvelist1 cve1 prion1 paloalto1