CVE-2021-3051

Description

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions on the Cortex XSOAR server. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 1578677; Cortex XSOAR 6.0.2 builds earlier than 1576452; Cortex XSOAR 6.1.0 builds earlier than 1578663; Cortex XSOAR 6.2.0 builds earlier than 1578666. All Cortex XSOAR instances hosted by Palo Alto Networks are protected from this vulnerability; no additional action is required for these instances.

Related CPE's

apaloaltonetworkscortex_xsoar5.5.0-******

vulnerable

apaloaltonetworkscortex_xsoar5.5.070066******

vulnerable

apaloaltonetworkscortex_xsoar5.5.073387******

vulnerable

apaloaltonetworkscortex_xsoar5.5.075211******

vulnerable

apaloaltonetworkscortex_xsoar5.5.078518******

vulnerable

apaloaltonetworkscortex_xsoar5.5.094592******

vulnerable

apaloaltonetworkscortex_xsoar6.0.2-******

vulnerable

apaloaltonetworkscortex_xsoar6.0.290947******

vulnerable

apaloaltonetworkscortex_xsoar6.0.293351******

vulnerable

apaloaltonetworkscortex_xsoar6.0.294597******

vulnerable

References

N/A

Vendor Advisory

CvssV3 impact

Version

3.1

VectorString

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AttackVector

NETWORK

AttackComplexity

HIGH

PrivilegesRequired

NONE

UserInteraction

NONE

Scope

UNCHANGED

ConfidentialityImpact

HIGH

IntegrityImpact

HIGH

AvailabilityImpact

HIGH

BaseScore

8.1

BaseSeverity

HIGH

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

PARTIAL

AvailabilityImpact

PARTIAL

IntegrityImpact

PARTIAL

BaseScore

6.8

VectorString

AV:N/AC:M/Au:N/C:P/I:P/A:P

Version

2.0

AccessVector

NETWORK

Authentication

NONE

Created by Yello
About Severity.io