Today > | 7 High | 24 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-9470

Oct. 10, 2024, 12:51 p.m.

Product(s) Impacted

Cortex XSOAR

Description

A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data.

Weaknesses

CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

CWE ID: 497

Date

Published: Oct. 9, 2024, 5:15 p.m.

Last Modified: Oct. 10, 2024, 12:51 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

psirt@paloaltonetworks.com

References

https://security.paloaltonetworks.com/ psirt@paloaltonetworks.com