Impact
A path traversal flaw (CWE-22) exists in the Cortex XSOAR engine running on Linux. The flaw allows an unauthenticated attacker who can intercept and manipulate traffic via a MitM attack on an adjacent network to write arbitrary files to the host. This violates data integrity and can enable attackers to modify configuration files or deploy malicious content, potentially compromising the system.
Affected Systems
The affected system is an installation of Palo Alto Networks Cortex XSOAR version 8.13.0 running on Linux. The vendor recommends upgrading to version 8.13.0.11 or newer to eliminate the flaw. No specific OS versions outside of Linux are mentioned; the vulnerability is limited to Linux builds of Cortex XSOAR.
Risk and Exploitability
The CVSS score is 4.8, placing the vulnerability in a moderate risk range. EPSS is not available, and the issue is not yet listed in CISA KEV. The attack requires network proximity and the ability to perform a MitM attack, so it is unlikely to be exploited remotely over the internet. Nevertheless, the potential for arbitrary file writing makes it a serious concern, especially in environments where Cortex XSOAR is exposed to untrusted network segments.
OpenCVE Enrichment