Cortex XSOAR: Path Traversal Vulnerability
Summary
| CVE | CVE-2026-0270 |
|---|---|
| State | PUBLISHED |
| Assigner | palo_alto |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-06-10 22:16:53 UTC |
| Updated | 2026-06-11 15:21:30 UTC |
| Description | A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host. |
Risk And Classification
Primary CVSS: v4.0 4.8 MEDIUM from [email protected]
CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber
EPSS: 0.001560000 probability, percentile 0.050520000 (date 2026-06-16)
Problem Types: CWE-22 | CWE-22 CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | [email protected] | Secondary | 4.8 | MEDIUM | CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/C... |
| 4.0 | CNA | CVSS | 4.8 | MEDIUM | CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/A... |
CVSS v4.0 Breakdown
CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Palo Alto Networks | Cortex XSOAR | affected 8.13 8.13.0.11 custom | Linux |
| CNA | Palo Alto Networks | Cortex XSOAR | affected 8.12.0 custom | Not specified |
| CNA | Palo Alto Networks | Cortex XSOAR | affected 8.11.0 custom | Not specified |
| CNA | Palo Alto Networks | Cortex XSOAR | affected 8.10.0 custom | Not specified |
| CNA | Palo Alto Networks | Cortex XSOAR | unaffected 6.14.0 custom | Not specified |
| CNA | Palo Alto Networks | Cortex XSOAR | unaffected 6.13.0 custom | Not specified |
| CNA | Palo Alto Networks | Cortex XSOAR | unaffected 6.12.0 custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| security.paloaltonetworks.com/CVE-2026-0270 | [email protected] | security.paloaltonetworks.com | |
| nvd.nist.gov/vuln/detail/CVE-2007-4559 | [email protected] | nvd.nist.gov | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Palo Alto Networks thanks the internal security team for discovering and reporting this issue. (en)
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| CNA | 2026-06-10T16:00:00.000Z | Initial publication |
Solutions
CNA: VERSION MINOR VERSION SUGGESTED SOLUTION Cortex XSOAR 8.13 on Linux 8.13.0 Upgrade to 8.13.0.11 or later.
Workarounds
CNA: Palo Alto Networks is not aware of any malicious exploitation of these issues.
Exploits
CNA: Palo Alto Networks is not aware of any malicious exploitation of this issue.