Palo Alto Networks Security Advisories / CVE-2024-9470

CVE-2024-9470 Cortex XSOAR: Information Disclosure Vulnerability

Urgency MODERATE

047910
Severity 5.3 · MEDIUM
Response Effort MODERATE
Recovery AUTOMATIC
Value Density DIFFUSE
Attack Vector NETWORK
Attack Complexity LOW
Attack Requirements NONE
Automatable YES
User Interaction NONE
Product Confidentiality LOW
Product Integrity NONE
Product Availability NONE
Privileges Required LOW
Subsequent Confidentiality NONE
Subsequent Integrity NONE
Subsequent Availability NONE

Description

A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data.

Product Status

VersionsAffectedUnaffected
Cortex XSOAR 8.0NoneAll
Cortex XSOAR 6.13NoneAll
Cortex XSOAR 6.12< 6.12.0 (Build 1271551)>= 6.12.0 (Build 1271551)

Severity: MEDIUM, Suggested Urgency: MODERATE

CVSS-B: 5.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:M/U:Amber)

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Weakness Type

CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere

Solution

This issue is fixed in Cortex XSOAR 6.12.0 (Build 1271551), and all later Cortex XSOAR versions.

Acknowledgments

Palo Alto Networks thanks Bobby Roos of Kyndryl CSIRT for discovering and reporting this issue.

Timeline

Initial publication
© 2024 Palo Alto Networks, Inc. All rights reserved.