CVE-2024-9470

Oct. 10, 2024, 12:51 p.m.

Tags

CWE-497
psirt@paloaltonetworks.com
2024-10-09
CVE-2024-9470

Product(s) Impacted

Cortex XSOAR

Description

A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data.

Weaknesses

CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

CWE ID: 497

Date

Published: Oct. 9, 2024, 5:15 p.m.

Last Modified: Oct. 10, 2024, 12:51 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

psirt@paloaltonetworks.com

References

https://security.paloaltonetworks.com/CVE-2024-9470
psirt@paloaltonetworks.com