Palo Alto Networks Security Advisories / PAN-SA-2024-0014

PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent


Informational

Description

The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Cortex XDR Agent. While Cortex XDR Agent may include the affected OSS package, Cortex XDR Agent does not offer any scenarios required for an attacker to successfully exploit these vulnerabilities and is not impacted.

In addition, as part of our Secure Software Development Lifecycle, we regularly update the versions of open source software in the Cortex XDR agent. Version information regarding this open source software can be found here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-OSS-Listings

CVESummary
CVE-2014-0195This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2014-0224This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2014-3509This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2014-3512This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2014-3513This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2014-3567This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2015-0209This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2015-0292This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2015-1789This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2015-1791This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2015-1793This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2015-3194This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-0705This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-0797This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-0798This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-0799This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2105This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2106This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2108This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2109This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2176This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2177This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2179This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2180This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2181This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2182This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-2183This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-6302This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-6303This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2016-6304This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2019-1551This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2019-1552This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2019-1559This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2019-1563This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2020-1968This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2020-1971This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2021-3449This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2021-3450This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2021-3711This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2021-3712This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2021-23839This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2021-23840This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2021-23841This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2021-32921This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2022-1292This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2022-2068This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2022-2097This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2022-4304This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2022-4450This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2022-33099This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-0215This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-0286This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-0464This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-0465This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-0466This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-2650This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-3446This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-3817This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-5363This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-5678This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-23931This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-27043This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-36632This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-40217This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-41105This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2023-49083This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2024-4603This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2024-5535This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2024-6119This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2024-9143This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2024-24557This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.
CVE-2024-28180This CVE does not affect Cortex XDR agent as the Cortex XDR agent does not use the affected functionality.

Product Status

VersionsAffectedUnaffected
Cortex XDR Agent NoneAll

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of these issues in Cortex XDR Agent.

Solution

No software updates are required at this time.

© 2024 Palo Alto Networks, Inc. All rights reserved.