CVE-2022-0020 Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface
Description
A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators who encounter the payload during normal operations.
This issue impacts:
All builds of Cortex XSOAR 6.1.0;
Cortex XSOAR 6.2.0 builds earlier than build 1958888.
Product Status
Versions | Affected | Unaffected |
---|---|---|
Cortex XSOAR 6.5.0 | None | All |
Cortex XSOAR 6.2.0 | < 1958888 | >= 1958888 |
Cortex XSOAR 6.1.0 | All | None |
Severity: MEDIUM
CVSSv3.1 Base Score: 6.8 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H)
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type
CWE-79 Cross-site Scripting (XSS)
Solution
This issue is fixed in Cortex XSOAR 6.2.0 build 1958888 and all later Cortex XSOAR versions.
Workarounds and Mitigations
There are no known workarounds for this issue.