An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144.
References
Link | Resource |
---|---|
https://security.paloaltonetworks.com/CVE-2021-3034 | Vendor Advisory |
History
24 Mar 2021, 01:56
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.paloaltonetworks.com/CVE-2021-3034 - Vendor Advisory | |
CWE | CWE-532 | |
CPE | cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:78518:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:75211:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:70066:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:94592:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:93351:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:90947:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:94597:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.2:97682:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:5.5.0:73387:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.0.1:81077:*:*:*:*:*:* |
CVSS | v2 : v3 : | v2 : 3.6 v3 : 5.1 |
11 Mar 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144. |
10 Mar 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the ‘/var/log/demisto/’ server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144. | |
CVSS | v2 : v3 : | v2 : unknown v3 : 5.1 |
10 Mar 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-10 18:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-3034
Mitre link : CVE-2021-3034
CVE.ORG link : CVE-2021-3034
Products Affected
paloaltonetworks
- cortex_xsoar
CWE
CWE-532
Insertion of Sensitive Information into Log File