Vulnerability Database

322,732

Total vulnerabilities in the database

CVE-2022-0027

An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049.

Published: May 11, 2022
Updated: Nov 16, 2025
CVE: CVE-2022-0027
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
paloaltonetworks / cortex_xsoar	6.2.0	6.2.0.x
paloaltonetworks / cortex_xsoar	6.1.0	6.1.0.x
paloaltonetworks / cortex_xsoar	6.6.0	6.6.0.2585049
paloaltonetworks / cortex_xsoar	6.5.0	6.5.0.x

https://security.paloaltonetworks.com/CVE-2022-0027

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo