Palo Alto Networks Security Advisories / CVE-2021-26701

CVE-2021-26701 Informational: Impact of Microsoft PowerShell Vulnerability CVE-2021-26701 on Cortex XSOAR

047910
Severity 0 · NONE
Attack Vector Not applicable
Scope Not applicable
Attack Complexity Not applicable
Confidentiality Impact NONE
Privileges Required Not applicable
Integrity Impact NONE
User Interaction Not applicable
Availability Impact NONE
NVD JSON
Published 2021-08-11
Updated 2021-08-11
Reference
Discovered externally

Description

Palo Alto Networks Cortex XSOAR maintains Docker Images with PowerShell available for customers to use. The base docker images with PowerShell were updated on May 19, 2021 with PowerShell version 7.1.3. Palo Alto Networks urges customers to upgrade their docker images to a version with the tag 7.1.3 or higher to protect against the PowerShell vulnerability CVE-2021-26701.

All content on the Cortex XSOAR Marketplace that utilizes PowerShell has been updated to use PowerShell version 7.1.3 to mitigate any possible risk associated with CVE-2021-26701. Customers are encouraged to also update all relevant content on the Cortex XSOAR Marketplace.

CVECVSSSummary
CVE-2021-267019.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).NET Core Remote Code Execution (RCE) Vulnerability

Product Status

VersionsAffectedUnaffected
Cortex XSOAR PowerShell Image 7.1< 7.1.3.20270>= 7.1.3.20270

Required Configuration for Exposure

Severity: NONE

CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N)

Exploitation Status

Solution

This issue is fixed in Cortex XSOAR Base PowerShell image 7.1.3.20270 and later Cortex XSOAR Base PowerShell image versions.

Workarounds and Mitigations

Timeline

Initial publication
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2024 Palo Alto Networks, Inc. All rights reserved.