{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2026-0231","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-11T00:24:42.683Z","generator":{"date":"2026-04-11T00:24:42.683Z","engine":{"name":"Vulnogram","version":"0.1.0-dev"}},"id":"CVE-2026-0231","initial_release_date":"2026-03-11T16:00:00.000Z","revision_history":[{"number":"1","date":"2026-03-11T09:00:00.000Z","summary":"Initial Publication"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"Cortex XDR Broker VM","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/Cortex XDR Broker VM<30.0.49","product":{"name":"Palo Alto Networks Cortex XDR Broker VM","product_id":"PANW-Cortex-XDR-Broker-VM-7"}},{"category":"product_version_range","name":"vers:generic/Cortex XDR Broker VM>=30.0.49","product":{"name":"Palo Alto Networks Cortex XDR Broker VM","product_id":"PANW-Cortex-XDR-Broker-VM-7"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-0231","product_status":{"fixed":["PANW-Cortex-XDR-Broker-VM-7"],"known_affected":["PANW-Cortex-XDR-Broker-VM-7"]},"notes":[{"category":"description","text":"An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. \n\n\nThe attacker must have network access to the Broker VM to exploit this issue."}],"references":[{"category":"external","summary":"NVD - CVE-2026-0231","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0231"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2026-0231","url":"https://security.paloaltonetworks.com/CVE-2026-0231"}],"threats":[{"category":"impact","description":"An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. \n\n\nThe attacker must have network access to the Broker VM to exploit this issue."}],"scores":[{"cvss_v4":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.4,"threatSeverity":"MEDIUM","threatScore":5.7,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"},"products":["PANW-Cortex-XDR-Broker-VM-7"]}]}]}