Lucene search
HistoryAug 14, 2024 - 5:15 p.m.
CVE-2024-5914
palo alto networks
command injection
cortex xsoar
commonscripts pack
unauthenticated attacker
integration container
arbitrary commands
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.1%
A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container.
Affected configurations
Node
paloaltonetworkscortex_xsoar_commonscriptsRange<1.12.33
| Vendor | Product | Version | CPE |
|---|---|---|---|
| paloaltonetworks | cortex_xsoar_commonscripts | * | cpe:2.3:a:paloaltonetworks:cortex_xsoar_commonscripts:*:*:*:*:*:*:*:* |
Related
paloalto
paloalto
Cortex XSOAR: Command Injection in CommonScripts Pack
2024-08-14 16:00:00
vulnrichment
vulnrichment
CVE-2024-5914 Cortex XSOAR: Command Injection in CommonScripts Pack
2024-08-14 16:40:00
cvelist
cvelist
CVE-2024-5914 Cortex XSOAR: Command Injection in CommonScripts Pack
2024-08-14 16:40:00
cve
cve
CVE-2024-5914
2024-08-14 17:15:18
thn
thn
SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software
2024-08-15 13:19:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.1%
Related for NVD:CVE-2024-5914