A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.
.This CVE has a CVSS3.1 score of 6.5 and a Base Severity of MEDIUM.
| Info | Details |
|---|---|
| CVE ID | CVE-2023-0003 |
| CVE State | PUBLISHED |
| BaseScore | 6.5 |
| BaseSeverity | MEDIUM |
| VectorString | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| Version | NA |
References for CVE-2023-0003 :
https://security.paloaltonetworks.com/CVE-2023-0003
https://lists.fedoraproject.org/archives/list/[email protected]/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY/
https://lists.fedoraproject.org/archives/list/[email protected]/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE/
| Metric Type | Metric Score |
|---|---|
| AttackVector(AV) | NETWORK |
| AttackComplexity(AC) | LOW |
| PrivilegesRequired(PR) | LOW |
| UserInteraction(UI) | NONE |
| Scope(S) | UNCHANGED |
| Confidentiality(C) | HIGH |
| Availability(A) | NONE |
| Integrity(I) | NONE |