CVE-2021-3049

Summary

CVE	CVE-2021-3049
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-09-08 17:15:00 UTC
Updated	2022-07-25 11:12:00 UTC
Description	An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex XSOAR 5.5.0 builds; Cortex XSOAR 6.1.0 builds earlier than 12099345. This issue does not impact Cortex XSOAR 6.2.0 versions.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Paloaltonetworks	Cortex Xsoar	5.5.0	-	All	All
Application	Paloaltonetworks	Cortex Xsoar	5.5.0	70066	All	All
Application	Paloaltonetworks	Cortex Xsoar	5.5.0	73387	All	All
Application	Paloaltonetworks	Cortex Xsoar	5.5.0	75211	All	All
Application	Paloaltonetworks	Cortex Xsoar	5.5.0	78518	All	All
Application	Paloaltonetworks	Cortex Xsoar	5.5.0	94592	All	All
Application	Paloaltonetworks	Cortex Xsoar	6.1.0	-	All	All
Application	Paloaltonetworks	Cortex Xsoar	6.1.0	1016923	All	All
Application	Paloaltonetworks	Cortex Xsoar	6.1.0	1031903	All	All
Application	Paloaltonetworks	Cortex Xsoar	6.1.0	1077664	All	All
Application	Paloaltonetworks	Cortex Xsoar	6.1.0	848144	All	All

References

Reference	Source	Link	Tags
CVE-2021-3049 Cortex XSOAR: Improper Authorization of Incident Investigations Vulnerability	CONFIRM	security.paloaltonetworks.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

Vendor Comments And Credit

Discovery Credit

LEGACY: Palo Alto Networks would like to thank CAGIP for discovering and reporting this issue.

There are currently no legacy QID mappings associated with this CVE.