CVE-2022-0027 is a vulnerability in Palo Alto Networks Cortex Xsoar
Published on May 11, 2022
Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports
An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049.
Vulnerability Analysis
CVE-2022-0027 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.
Timeline
Initial publication
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CVE-2022-0027 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2022-0027
Want to know whenever a new CVE is published for Palo Alto Networks Cortex Xsoar? stack.watch will email you.
Affected Versions
Palo Alto Networks Cortex XSOAR:- Version 6.1.* is affected.
- Version 6.2.* is affected.
- Version 6.5.* is affected.
- Version 6.6 and below 6.6.0.2585049 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.