cve-2021-3034
Vulnerability from cvelistv5
Published
2021-03-10 18:10
Modified
2024-09-16 16:38
Severity ?
EPSS score ?
Summary
An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Palo Alto Networks | Cortex XSOAR |
Version: 5.5.0 < 98622 Version: 6.0.2 < 98623 Version: 6.0.1 < 830029 Version: 6.1.0 < 848144 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:50.845Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3034"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cortex XSOAR",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "98622",
"status": "unaffected"
}
],
"lessThan": "98622",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "98623",
"status": "unaffected"
}
],
"lessThan": "98623",
"status": "affected",
"version": "6.0.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "830029",
"status": "unaffected"
}
],
"lessThan": "830029",
"status": "affected",
"version": "6.0.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "848144",
"status": "unaffected"
}
],
"lessThan": "848144",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to Cortex XSOAR appliances configured to use SAML SSO and where the \u0027Test\u0027 button was used at some point to test the integration during SAML SSO setup."
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks Martin Spielmann and Stefan Lubienetzki for discovering and reporting this issue."
}
],
"datePublic": "2021-03-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the \u0027/var/log/demisto/\u0027 server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Information Exposure Through Log Files",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-11T14:22:39",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3034"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in Cortex XSOAR 5.5.0 build 98622, Cortex XSOAR 6.0.1 build 830029, Cortex XSOAR 6.0.2 build 98623, Cortex XSOAR 6.1.0 build 848144, and all later Cortex XSOAR versions.\n\nAfter you upgrade the Cortex XSOAR appliance, you must configure a new private key for SAML SSO integration. Clear the server system logs using the instructions provided in the Workarounds and Mitigations section to remove any potentially logged secrets."
}
],
"source": {
"defect": [
"XSOAR-33287"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-03-10T00:00:00",
"value": "Initial publication"
}
],
"title": "Cortex XSOAR: Secrets for SAML single sign-on (SSO) integration may be logged in system logs",
"workarounds": [
{
"lang": "en",
"value": "You must configure a new private key for SAML SSO integration and you should not use the \u0027Test\u0027 button at any time during setup until after you complete the Cortex XSOAR upgrade.\n\nYou must clear all server system log files located in the \u0027/var/log/demisto/\u0027 directory. There may be several files in this directory, including the server.log file and other archived server logs.\n\nYou can clear all server system logs by stopping the server and running the \u0027rm /var/log/demisto/server*.log\u0027 command from the console."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-03-10T17:00:00.000Z",
"ID": "CVE-2021-3034",
"STATE": "PUBLIC",
"TITLE": "Cortex XSOAR: Secrets for SAML single sign-on (SSO) integration may be logged in system logs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cortex XSOAR",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "5.5.0",
"version_value": "98622"
},
{
"version_affected": "\u003c",
"version_name": "6.0.2",
"version_value": "98623"
},
{
"version_affected": "\u003c",
"version_name": "6.0.1",
"version_value": "830029"
},
{
"version_affected": "\u003c",
"version_name": "6.1.0",
"version_value": "848144"
},
{
"version_affected": "!\u003e=",
"version_name": "5.5.0",
"version_value": "98622"
},
{
"version_affected": "!\u003e=",
"version_name": "6.0.2",
"version_value": "98623"
},
{
"version_affected": "!\u003e=",
"version_name": "6.0.1",
"version_value": "830029"
},
{
"version_affected": "!\u003e=",
"version_name": "6.1.0",
"version_value": "848144"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to Cortex XSOAR appliances configured to use SAML SSO and where the \u0027Test\u0027 button was used at some point to test the integration during SAML SSO setup."
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks Martin Spielmann and Stefan Lubienetzki for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the \u0027/var/log/demisto/\u0027 server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532 Information Exposure Through Log Files"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2021-3034",
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2021-3034"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in Cortex XSOAR 5.5.0 build 98622, Cortex XSOAR 6.0.1 build 830029, Cortex XSOAR 6.0.2 build 98623, Cortex XSOAR 6.1.0 build 848144, and all later Cortex XSOAR versions.\n\nAfter you upgrade the Cortex XSOAR appliance, you must configure a new private key for SAML SSO integration. Clear the server system logs using the instructions provided in the Workarounds and Mitigations section to remove any potentially logged secrets."
}
],
"source": {
"defect": [
"XSOAR-33287"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-03-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "You must configure a new private key for SAML SSO integration and you should not use the \u0027Test\u0027 button at any time during setup until after you complete the Cortex XSOAR upgrade.\n\nYou must clear all server system log files located in the \u0027/var/log/demisto/\u0027 directory. There may be several files in this directory, including the server.log file and other archived server logs.\n\nYou can clear all server system logs by stopping the server and running the \u0027rm /var/log/demisto/server*.log\u0027 command from the console."
}
],
"x_affectedList": [
"Cortex XSOAR 6.1.0",
"Cortex XSOAR 6.0.2",
"Cortex XSOAR 6.0.1",
"Cortex XSOAR 5.5.0"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2021-3034",
"datePublished": "2021-03-10T18:10:13.665033Z",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-09-16T16:38:50.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76B47510-C747-4A91-8120-CBD872DDE5F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:70066:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCC73F19-BAEC-464E-813E-AABFB0FF1749\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:73387:*:*:*:*:*:*\", \"matchCriteriaId\": \"829FDD7F-9F92-4425-BA03-7A916C672A1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:75211:*:*:*:*:*:*\", \"matchCriteriaId\": \"01F6E4B3-7264-4B6B-A2E0-EC0C6E454FE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:78518:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFF634F2-427F-46AF-A203-3F8F91AEB039\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:94592:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1B47446-7E43-44ED-A734-4C300ED6F6CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E09D6E6D-586A-4034-A5ED-6669EECE4715\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.1:81077:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F60A667-2802-4EE5-879D-DEF385C8A252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDAAC395-8A8B-4058-AEC8-450DA13E4D5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:90947:*:*:*:*:*:*\", \"matchCriteriaId\": \"5617A797-C295-4534-A8BD-DB7637FEDDA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:93351:*:*:*:*:*:*\", \"matchCriteriaId\": \"924A87A5-6809-4D3A-B660-4F3D3E930103\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:94597:*:*:*:*:*:*\", \"matchCriteriaId\": \"B046FAAA-2FC4-4F69-980B-878BA24D1ACE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:97682:*:*:*:*:*:*\", \"matchCriteriaId\": \"231DF541-0D13-42DD-9392-A269999DA50C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62F98F51-39E4-480D-8DB8-EE5AD36920FC\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the \u0027/var/log/demisto/\u0027 server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144.\"}, {\"lang\": \"es\", \"value\": \"Se presenta una exposici\\u00f3n de la informaci\\u00f3n por medio de la vulnerabilidad del archivo de registro en el software Cortex XSOAR donde los secretos configurados para la integraci\\u00f3n de inicio de sesi\\u00f3n \\u00fanico (SSO) SAML pueden ser registrados en los registros del servidor \\\"/var/log/demisto/\\\" al probar la integraci\\u00f3n durante la instalaci\\u00f3n.\u0026#xa0;Esta informaci\\u00f3n registrada incluye la clave privada y el certificado del proveedor de identidad utilizado para configurar la integraci\\u00f3n SAML SSO.\u0026#xa0;Este problema afecta a: Cortex XSOAR versiones 5.5.0 builds anteriores a 98622;\u0026#xa0;Cortex XSOAR versiones 6.0.1 builds anteriores a 830029;\u0026#xa0;Cortex XSOAR versiones 6.0.2 builds anteriores a 98623;\u0026#xa0;Cortex XSOAR versiones 6.1.0 builds anteriores a 848144\"}]",
"id": "CVE-2021-3034",
"lastModified": "2024-11-21T06:20:48.203",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N\", \"baseScore\": 5.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 4.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:N\", \"baseScore\": 3.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-03-10T18:15:13.297",
"references": "[{\"url\": \"https://security.paloaltonetworks.com/CVE-2021-3034\", \"source\": \"psirt@paloaltonetworks.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2021-3034\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-532\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-532\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-3034\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2021-03-10T18:15:13.297\",\"lastModified\":\"2024-11-21T06:20:48.203\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the \u0027/var/log/demisto/\u0027 server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144.\"},{\"lang\":\"es\",\"value\":\"Se presenta una exposici\u00f3n de la informaci\u00f3n por medio de la vulnerabilidad del archivo de registro en el software Cortex XSOAR donde los secretos configurados para la integraci\u00f3n de inicio de sesi\u00f3n \u00fanico (SSO) SAML pueden ser registrados en los registros del servidor \\\"/var/log/demisto/\\\" al probar la integraci\u00f3n durante la instalaci\u00f3n.\u0026#xa0;Esta informaci\u00f3n registrada incluye la clave privada y el certificado del proveedor de identidad utilizado para configurar la integraci\u00f3n SAML SSO.\u0026#xa0;Este problema afecta a: Cortex XSOAR versiones 5.5.0 builds anteriores a 98622;\u0026#xa0;Cortex XSOAR versiones 6.0.1 builds anteriores a 830029;\u0026#xa0;Cortex XSOAR versiones 6.0.2 builds anteriores a 98623;\u0026#xa0;Cortex XSOAR versiones 6.1.0 builds anteriores a 848144\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.8,\"impactScore\":4.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":3.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-532\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-532\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76B47510-C747-4A91-8120-CBD872DDE5F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:70066:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC73F19-BAEC-464E-813E-AABFB0FF1749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:73387:*:*:*:*:*:*\",\"matchCriteriaId\":\"829FDD7F-9F92-4425-BA03-7A916C672A1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:75211:*:*:*:*:*:*\",\"matchCriteriaId\":\"01F6E4B3-7264-4B6B-A2E0-EC0C6E454FE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:78518:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFF634F2-427F-46AF-A203-3F8F91AEB039\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:94592:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B47446-7E43-44ED-A734-4C300ED6F6CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E09D6E6D-586A-4034-A5ED-6669EECE4715\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.1:81077:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F60A667-2802-4EE5-879D-DEF385C8A252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDAAC395-8A8B-4058-AEC8-450DA13E4D5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:90947:*:*:*:*:*:*\",\"matchCriteriaId\":\"5617A797-C295-4534-A8BD-DB7637FEDDA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:93351:*:*:*:*:*:*\",\"matchCriteriaId\":\"924A87A5-6809-4D3A-B660-4F3D3E930103\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:94597:*:*:*:*:*:*\",\"matchCriteriaId\":\"B046FAAA-2FC4-4F69-980B-878BA24D1ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:97682:*:*:*:*:*:*\",\"matchCriteriaId\":\"231DF541-0D13-42DD-9392-A269999DA50C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62F98F51-39E4-480D-8DB8-EE5AD36920FC\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2021-3034\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2021-3034\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.