Cortex XDR Broker VM Info Disclosure via UI (CVE-2026-0231)
CVE-2026-0231 Published on March 11, 2026
Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability
An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting.
The attacker must have network access to the Broker VM to exploit this issue.
Timeline
Initial Publication
Weakness Type
Exposure of Sensitive System Information to an Unauthorized Control Sphere
The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.
Products Associated with CVE-2026-0231
Want to know whenever a new CVE is published for Palo Alto Networks Cortex Xdr Broker Vm? stack.watch will email you.
Affected Versions
Palo Alto Networks Cortex XDR Broker VM:- Version 30.0.0 and below 30.0.49 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.