Palo Alto Networks Product Security Incident Response TeamPA-CVE-2024-5905Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CVSS4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/SC:N/VI:L/SI:N/VA:L/SA:N/AU:Y/U:Amber/R:U/V:D/RE:M
AI Score
Confidence
Low
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability.
Work around:
No work around available.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| software | cortex_xdr_agent | * | cpe:2.3:a:software:cortex_xdr_agent:*:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CVSS4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/SC:N/VI:L/SI:N/VA:L/SA:N/AU:Y/U:Amber/R:U/V:D/RE:M
AI Score
Confidence
Low