February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
February 10, 2023Rewterz Threat Advisory – Multiple Node.js Vulnerabilities
February 10, 2023Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
February 10, 2023Rewterz Threat Advisory – Multiple Node.js Vulnerabilities
February 10, 2023
Severity
Medium
Analysis Summary
CVE-2023-0003 CVSS:6.5
Palo Alto Networks Cortex XSOAR server could allow a remote authenticated attacker to obtain sensitive information, caused by a file disclosure vulnerability. An attacker could exploit this vulnerability to read local files from the server.
CVE-2023-0001 CVSS:6
Palo Alto Networks Cortex XDR agent could allow a local authenticated attacker to obtain sensitive information, caused by an information exposure vulnerability. An attacker could exploit this vulnerability to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.
CVE-2023-0002 CVSS:5.5
Palo Alto Networks Cortex XDR Agent is vulnerable to a denial of service, caused by a flaw in the protection mechanism. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to disable or uninstall the agent resulting in a denial of service.
Impact
- Denial of Service
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-0003
- CVE-2023-0001
- CVE-2023-0002
Affected Vendors
Palo Alto
Affected Products
- Palo Alto Networks Cortex XDR Agent 5.0
- Palo Alto Networks Cortex XSOAR 6.6.0
- Palo Alto Networks Cortex XSOAR 6.8.0
- Palo Alto Networks Cortex XSOAR 6.9.0
- Palo Alto Networks Cortex XSOAR 6.10
- Palo Alto Networks Cortex XDR Agent 7.5
Remediation
Refer to Palo Alto Networks Security Advisories for patch, upgrade or suggested workaround information.