Lucene search

K
paloaltoPalo Alto Networks Product Security Incident Response TeamPA-CVE-2021-26701
HistoryAug 11, 2021 - 4:00 p.m.

Informational: Impact of Microsoft PowerShell Vulnerability CVE-2021-26701 on Cortex XSOAR

2021-08-1116:00:00
Palo Alto Networks Product Security Incident Response Team
securityadvisories.paloaltonetworks.com
65

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.081 Low

EPSS

Percentile

94.2%

Palo Alto Networks Cortex XSOAR maintains Docker Images with PowerShell available for customers to use. The base docker images with PowerShell were updated on May 19, 2021 with PowerShell version 7.1.3. Palo Alto Networks urges customers to upgrade their docker images to a version with the tag 7.1.3 or higher to protect against the PowerShell vulnerability CVE-2021-26701.

All content on the Cortex XSOAR Marketplace that utilizes PowerShell has been updated to use PowerShell version 7.1.3 to mitigate any possible risk associated with CVE-2021-26701. Customers are encouraged to also update all relevant content on the Cortex XSOAR Marketplace.

Work around:

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.081 Low

EPSS

Percentile

94.2%