An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.
References
Link | Resource |
---|---|
https://security.paloaltonetworks.com/CVE-2023-0001 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Nov 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Feb 2023, 20:41
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://security.paloaltonetworks.com/CVE-2023-0001 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
CPE | cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:critical_environment:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
CWE | CWE-319 | |
First Time |
Microsoft windows
Microsoft Paloaltonetworks Paloaltonetworks cortex Xdr Agent |
08 Feb 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-08 18:15
Updated : 2024-01-12 22:10
NVD link : CVE-2023-0001
Mitre link : CVE-2023-0001
CVE.ORG link : CVE-2023-0001
JSON object : View
Products Affected
microsoft
- windows
paloaltonetworks
- cortex_xdr_agent
CWE
CWE-319
Cleartext Transmission of Sensitive Information