CVE-2022-0027

An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049.

CVSS v3 4.3 MEDIUM
CVSS v2.0 4.0 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2022-0027	Vendor Advisory
https://security.paloaltonetworks.com/CVE-2022-0027	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:paloaltonetworks:cortex_xsoar::::::::
	cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:-::::::
	cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.2.0:-::::::
	cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.5.0:-::::::

History

21 Nov 2024, 06:37

Type	Values Removed	Values Added
References	~~() https://security.paloaltonetworks.com/CVE-2022-0027 - Vendor Advisory~~	() https://security.paloaltonetworks.com/CVE-2022-0027 - Vendor Advisory

26 Jun 2023, 17:59

Type	Values Removed	Values Added
CWE	~~CWE-863~~	NVD-CWE-Other

Information

Published : 2022-05-11 17:15

Updated : 2024-11-21 06:37

NVD link : CVE-2022-0027

Mitre link : CVE-2022-0027

CVE.ORG link : CVE-2022-0027

JSON object : View

Products Affected

paloaltonetworks

cortex_xsoar

CWE

CWE-285

Improper Authorization

NVD-CWE-Other

{"id": "CVE-2022-0027", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2022-05-11T17:15:09.343", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2022-0027", "tags": ["Vendor Advisory"], "source": "psirt@paloaltonetworks.com"}, {"url": "https://security.paloaltonetworks.com/CVE-2022-0027", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-285"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049."}, {"lang": "es", "value": "Una vulnerabilidad de autorizaci\u00f3n inapropiada en el software Cortex XSOAR de Palo Alto Network permite a usuarios autenticados en grupos de s\u00f3lo lectura generar un informe de correo electr\u00f3nico que contiene informaci\u00f3n resumida sobre todos los incidentes en la instancia de Cortex XSOAR, incluidos los incidentes a los que el usuario no presenta acceso. Este problema afecta: Todas las versiones de Cortex XSOAR 6.1; Todas las versiones de Cortex XSOAR 6.2; Todas las versiones de Cortex XSOAR 6.5; Versiones de Cortex XSOAR 6.6 anteriores a Cortex XSOAR 6.6.0 build 6.6.0.2585049"}], "lastModified": "2024-11-21T06:37:50.973", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xsoar:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D35F9793-4C2B-470E-AB12-FB4311468CFB", "versionEndExcluding": "6.6.0.2585049", "versionStartIncluding": "6.6.0"}, {"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA3AD87F-BF18-48A2-8344-197185D974B0"}, {"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.2.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E7FE2E0-AA0B-4D86-B5B3-4E1417691CC5"}, {"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.5.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C52254D2-F8CC-4700-8FDC-F412FD23E5DE"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@paloaltonetworks.com"}