CVE-2026-0274 Cortex XSOAR: Improper Validation of Credentials in CommvaultSecurityIQ integration

Palo Alto Networks Security Advisories / CVE-2026-0274

CVE-2026-0274 Cortex XSOAR: Improper Validation of Credentials in CommvaultSecurityIQ integration

Urgency HIGHEST

Severity 8.1 · HIGH

Exploit Maturity UNREPORTED

Response Effort MODERATE

Recovery USER

Value Density DIFFUSE

Attack Vector NETWORK

Attack Complexity LOW

Attack Requirements NONE

Automatable NO

User Interaction NONE

Product Confidentiality HIGH

Product Integrity HIGH

Product Availability HIGH

Privileges Required NONE

Subsequent Confidentiality NONE

Subsequent Integrity NONE

Subsequent Availability NONE

CVE JSON CSAF

Published 2026-06-10

Updated 2026-06-10

Discovered internally

Description

An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected resources.

Product Status

Versions	Affected	Unaffected
Cortex XSIAM CommvaultSecurityIQ Marketplace 1.1.0	< 1.2.0	>= 1.2.0
Cortex XSOAR CommvaultSecurityIQ Marketplace 1.1.0	< 1.2.0	>= 1.2.0

Required Configuration for Exposure

No special configuration is required to be affected by this issue.

Severity: HIGH, Suggested Urgency: HIGHEST

CVSS-BT: 8.1 / CVSS-B: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Red)

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Weakness Type and Impact

CWE-1390 Weak Authentication

CAPEC-475 Signature Spoofing by Improper Validation

Solution

Version	Minor Version	Suggested Solution
Cortex XSIAM CommvaultSecurityIQ Marketplace 1.1	1.1.0 through 1.1.9	Upgrade to 1.2.0 or later.
Cortex XSOAR CommvaultSecurityIQ Marketplace 1.1	1.1.0 through 1.1.9	Upgrade to 1.2.0 or later.

Workarounds and Mitigations

No known workarounds exist for this issue.

Acknowledgments

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.

CPE Applicability

- cpe:2.3:a:palo_alto_networks:cortex_xsiam_commvaultsecurityiq_marketplace:*:*:*:*:*:*:*:* is vulnerable from (including)1.2.0 and up to (excluding)1.2.0
or
- cpe:2.3:a:palo_alto_networks:cortex_xsoar_commvaultsecurityiq_marketplace:*:*:*:*:*:*:*:* is vulnerable from (including)1.2.0 and up to (excluding)1.2.0

Timeline

2026-06-10 Initial Publication.