PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
Informational
Description
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Cortex XDR Agent. While Cortex XDR Agent may include the affected OSS package, Cortex XDR Agent does not offer any scenarios required for an attacker to successfully exploit these vulnerabilities and is not impacted.
In addition, as part of our Secure Software Development Lifecycle, we regularly update the versions of open source software in the Cortex XDR agent. Version information regarding this open source software can be found here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-OSS-Listings
CVE | Summary |
---|---|
CVE-2014-0195 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2014-0224 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2014-3509 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2014-3512 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2014-3513 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2014-3567 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2015-0209 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2015-0292 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2015-1789 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2015-1791 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2015-1793 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2015-3194 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-0705 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-0797 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-0798 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-0799 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2105 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2106 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2108 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2109 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2176 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2177 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2179 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2180 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2181 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2182 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-2183 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-6302 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-6303 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2016-6304 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2019-1551 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2019-1552 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2019-1559 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2019-1563 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2020-1968 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2020-1971 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2021-3449 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2021-3450 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2021-3711 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2021-3712 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2021-23839 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2021-23840 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2021-23841 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2021-32921 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2022-1292 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2022-2068 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2022-2097 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2022-4304 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2022-4450 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2022-33099 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-0215 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-0286 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-0464 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-0465 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-0466 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-2650 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-3446 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-3817 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-5363 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-5678 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-23931 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-27043 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-36632 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-40217 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-41105 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2023-49083 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2024-4603 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2024-5535 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2024-6119 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2024-9143 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2024-24557 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
CVE-2024-28180 | This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality. |
Product Status
Versions | Affected | Unaffected |
---|---|---|
Cortex XDR Agent | None | All |
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of these issues in Cortex XDR Agent.
Solution
No software updates are required at this time.