CVE-2023-0003
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.
| Software | From | Fixed in |
|---|---|---|
| paloaltonetworks / cortex_xsoar | 6.8.0-3261002 | 6.8.0-3261002.x |
| paloaltonetworks / cortex_xsoar | 6.6.0-2585049 | 6.6.0-2585049.x |
| paloaltonetworks / cortex_xsoar | 6.6.0-2889656 | 6.6.0-2889656.x |
| paloaltonetworks / cortex_xsoar | 6.6.0-3049220 | 6.6.0-3049220.x |
| paloaltonetworks / cortex_xsoar | 6.6.0-3124193 | 6.6.0-3124193.x |
| paloaltonetworks / cortex_xsoar | 6.8.0-176620 | 6.8.0-176620.x |
| paloaltonetworks / cortex_xsoar | 6.10.0 | 6.10.0.185964 |
| paloaltonetworks / cortex_xsoar | 6.9.0-177754 | 6.9.0-177754.x |
| paloaltonetworks / cortex_xsoar | 6.9.0-130766 | 6.9.0-130766.x |
| fedoraproject / fedora | 37 | 37.x |
| fedoraproject / fedora | 38 | 38.x |
| fedoraproject / fedora | 39 | 39.x |
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
- https://security.paloaltonetworks.com/CVE-2023-0003
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime