Palo Alto Cortex XDR Agent hasta 5.0.11/6.1.8/7.2.3/7.3.1 en Windows Support File divulgación de información

Una vulnerabilidad ha sido encontrada en Palo Alto Cortex XDR Agent hasta 5.0.11/6.1.8/7.2.3/7.3.1 en Windows y clasificada como problemática. Una función desconocida del componente Support File Handler es afectada por esta vulnerabilidad. Una actualización a la versión 5.0.12, 6.1.9, 7.2.4 o 7.3.2 elimina esta vulnerabilidad.

Cronología

Usuario

132
019

Campo

source_cve_nvd_summary1
exploit_price_0day1
vulnerability_cvss3_meta_tempscore1
vulnerability_cvss3_meta_basescore1
vulnerability_cvss3_vuldb_tempscore1

Commit Conf

90%40
50%10
70%1

Approve Conf

90%40
80%10
70%1
IDComprometidoUsuarioCampoCambioObservacionesAceptadoRazónC
120501642022-01-15VulD...cve_nvd_summaryA file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2.cve.mitre.org2022-01-15aceptado
70
120375482022-01-12VulD...price_0day$0-$5ksee exploit price documentation2022-01-12aceptado
90
120375472022-01-12VulD...cvss3_meta_tempscore4.2see CVSS documentation2022-01-12aceptado
90
120375462022-01-12VulD...cvss3_meta_basescore4.2see CVSS documentation2022-01-12aceptado
90
120375452022-01-12VulD...cvss3_vuldb_tempscore3.4see CVSS documentation2022-01-12aceptado
90
120375442022-01-12VulD...cvss3_vuldb_basescore3.5see CVSS documentation2022-01-12aceptado
90
120375432022-01-12VulD...cvss2_vuldb_tempscore3.5see CVSS documentation2022-01-12aceptado
90
120375422022-01-12VulD...cvss2_vuldb_basescore4.0see CVSS documentation2022-01-12aceptado
90
120375412022-01-12VulD...cvss3_cna_basescore5.0see CVSS documentation2022-01-12aceptado
90
120375402022-01-12VulD...cvss3_vuldb_eXderived from historical data2022-01-12aceptado
80
120375392022-01-12VulD...cvss2_vuldb_eNDderived from historical data2022-01-12aceptado
80
120375382022-01-12VulD...cvss2_vuldb_auSderived from historical data2022-01-12aceptado
80
120375372022-01-12VulD...cvss2_vuldb_rlOFderived from vuldb v3 vector2022-01-12aceptado
80
120375362022-01-12VulD...cvss2_vuldb_rcCderived from vuldb v3 vector2022-01-12aceptado
80
120375352022-01-12VulD...cvss2_vuldb_aiNderived from vuldb v3 vector2022-01-12aceptado
80
120375342022-01-12VulD...cvss2_vuldb_iiNderived from vuldb v3 vector2022-01-12aceptado
80
120375332022-01-12VulD...cvss2_vuldb_ciPderived from vuldb v3 vector2022-01-12aceptado
80
120375322022-01-12VulD...cvss2_vuldb_acLderived from vuldb v3 vector2022-01-12aceptado
80
120375312022-01-12VulD...cvss2_vuldb_avNderived from vuldb v3 vector2022-01-12aceptado
80
120375302022-01-12VulD...date1641942000 (2022-01-12)2022-01-12aceptado
90

31 no se muestran más entradas

Might our Artificial Intelligence support you?

Check our Alexa App!