CVE-2021-3051
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions on the Cortex XSOAR server. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 1578677; Cortex XSOAR 6.0.2 builds earlier than 1576452; Cortex XSOAR 6.1.0 builds earlier than 1578663; Cortex XSOAR 6.2.0 builds earlier than 1578666. All Cortex XSOAR instances hosted by Palo Alto Networks are protected from this vulnerability; no additional action is required for these instances.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Palo Alto Networks | Cortex XSOAR | 5.5.0 < 1578677 | affected |
| Palo Alto Networks | Cortex XSOAR | 6.0.2 < 1576452 | affected |
| Palo Alto Networks | Cortex XSOAR | 6.1.0 < 1578663 | affected |
| Palo Alto Networks | Cortex XSOAR | 6.2.0 < 1578666 | affected |
Weaknesses
- CWE-347: CWE-347 Improper Verification of Cryptographic Signature
Workarounds
To completely prevent this issue from being exploited before you can upgrade your Cortex XSOAR server, disable SAML authentication integration.
You can also restrict network access to the Cortex XSOAR server to allow only trusted users to further reduce the impact of this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.