Researchers from Palo Alto Networks discovered and addresses a critical improper authorization vulnerability, tracked as CVE-2021-3044, that affects its Cortex XSOAR SOAR platform. The CVE-2021-3044 vulnerability received a CVSS score of 9.8.
A remote, unauthenticated attacker with network access to the Cortex XSOAR server could exploit the vulnerability perform unauthorized actions through the REST API.
“An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API.” reads the security advisory published by the security vendor. “This issue is not a remote code execution vulnerability. This issue enables an unauthorized attacker to perform actions on behalf of an active Cortex XSOAR integration, which includes running commands and automations in the Cortex XSOAR War Room.”
This vulnerability impacts:
Cortex XSOAR 5.5.0, Cortex XSOAR 6.0.0, Cortex XSOAR 6.0.1, or Cortex XSOAR 6.0.2 versions are not impacted.
The security vendor also provides workarounds for this issue, it suggests revoking all active integration API keys to fully mitigate the impact of this issue and restricting network access to the XSOAR server.
Palo Alto Networks is not aware of any attacks exploiting the CVE-2021-3044 vulnerability.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Palo Alto Networks)
[adrotate banner=”5″]
[adrotate banner=”13″]
FBI warns ex-officials are targeted with deepfake texts and AI voice messages impersonating senior U.S.…
Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium, DrayTek routers, and SAP NetWeaver…
On day two of Pwn2Own Berlin 2025, participants earned $435,000 for demonstrating zero-day in SharePoint,…
New botnet HTTPBot is targeting China's gaming, tech, and education sectors, cybersecurity researchers warn. NSFOCUS …
Meta plans to train AI on EU user data from May 27 without consent; privacy…
This website uses cookies.