CVE-2021-3034

Description

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144.

Related CPE's

apaloaltonetworkscortex_xsoar5.5.0*******

apaloaltonetworkscortex_xsoar6.1.0*******

apaloaltonetworkscortex_xsoar6.0.2*******

apaloaltonetworkscortex_xsoar6.0.1*******

apaloaltonetworkscortex_xsoar5.5.094592******

apaloaltonetworkscortex_xsoar5.5.078518******

apaloaltonetworkscortex_xsoar5.5.075211******

apaloaltonetworkscortex_xsoar5.5.073387******

apaloaltonetworkscortex_xsoar5.5.070066******

apaloaltonetworkscortex_xsoar6.0.181077******

References

N/A

Vendor Advisory

CvssV3 impact

Version

3.1

VectorString

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N

AttackVector

LOCAL

AttackComplexity

LOW

PrivilegesRequired

HIGH

UserInteraction

NONE

Scope

UNCHANGED

ConfidentialityImpact

HIGH

IntegrityImpact

LOW

AvailabilityImpact

NONE

BaseScore

5.1

BaseSeverity

MEDIUM

CvssV2 impact

Version

2.0

VectorString

AV:L/AC:L/Au:N/C:P/I:P/A:N

AccessVector

LOCAL

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

PARTIAL

IntegrityImpact

PARTIAL

AvailabilityImpact

NONE

BaseScore

3.5999999046325684

Created by Yello
About Severity.io