CVE-2023-0001

Published: Feb 8, 2023Modified: Nov 21, 2024

6.7

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.

Affected (1)

Products: Paloaltonetworks: Cortex Xdr Agent

Paloaltonetworks

1 product

Cortex Xdr Agent

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Paloaltonetworks Cortex Xdr Agent	From 7.5 to 7.5.101

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (2)

https://security.paloaltonetworks.com/CVE-2023-0001

Source: psirt@paloaltonetworks.com

Vendor Advisory

https://security.paloaltonetworks.com/CVE-2023-0001

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.