Vulnerability Database

322,732

Total vulnerabilities in the database

CVE-2021-3049

An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex XSOAR 5.5.0 builds; Cortex XSOAR 6.1.0 builds earlier than 12099345. This issue does not impact Cortex XSOAR 6.2.0 versions.

Published: Sep 8, 2021
Updated: Nov 16, 2025
CVE: CVE-2021-3049
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 2.6
AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-285

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
paloaltonetworks / cortex_xsoar	5.5.0-94592	5.5.0-94592.x
paloaltonetworks / cortex_xsoar	5.5.0-78518	5.5.0-78518.x
paloaltonetworks / cortex_xsoar	5.5.0-75211	5.5.0-75211.x
paloaltonetworks / cortex_xsoar	5.5.0-73387	5.5.0-73387.x
paloaltonetworks / cortex_xsoar	5.5.0-70066	5.5.0-70066.x
paloaltonetworks / cortex_xsoar	6.1.0-1016923	6.1.0-1016923.x
paloaltonetworks / cortex_xsoar	6.1.0-1031903	6.1.0-1031903.x
paloaltonetworks / cortex_xsoar	6.1.0-848144	6.1.0-848144.x
paloaltonetworks / cortex_xsoar	6.1.0-1077664	6.1.0-1077664.x
paloaltonetworks / cortex_xsoar	6.1.0	6.1.0.x
paloaltonetworks / cortex_xsoar	5.5.0	5.5.0.x

https://security.paloaltonetworks.com/CVE-2021-3049

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo