URL: https://security.paloaltonetworks.com/CVE-2024-5914



CVE-2024-5914 CORTEX XSOAR: COMMAND INJECTION IN COMMONSCRIPTS PACK

Severity: 7 · HIGH
Urgency: MODERATE
Response Effort: MODERATE
Recovery: USER
Value Density: DIFFUSE
Attack Vector: NETWORK
Attack Complexity: HIGH
Attack Requirements: PRESENT
Automatable: NO
User Interaction: NONE
Product Confidentiality: LOW
Product Integrity: LOW
Product Availability: LOW
Privileges Required: NONE
Subsequent Confidentiality: HIGH
Subsequent Integrity: HIGH
Subsequent Availability: NONE
Published: 2024-08-14
Updated: 2024-08-14
Reference: CRTX-95034
Discovered: externally


DESCRIPTION

A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack
allows an unauthenticated attacker to execute arbitrary commands within the
context of an integration container.


PRODUCT STATUS

Versions                     Affected     Unaffected
Cortex XSOAR CommonScripts   < 1.12.33    >= 1.12.33


REQUIRED CONFIGURATION FOR EXPOSURE

To be exposed, an integration must make use of the ScheduleGenericPolling or
GenericPollingScheduledTask scripts from the CommonScripts pack.


SEVERITY: HIGH

CVSSv4.0 Base Score: 7
(CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:N/AU:N/R:U/V:D/RE:M/U:Amber)


EXPLOITATION STATUS

Palo Alto Networks is not aware of any malicious exploitation of this issue.


WEAKNESS TYPE

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command
Injection')


SOLUTION

This issue is fixed in Cortex XSOAR CommonScripts 1.12.33 and all later
versions.


WORKAROUNDS AND MITIGATIONS

Remove any integration usage of the ScheduleGenericPolling or
GenericPollingScheduledTask scripts from the CommonScripts pack.
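The exposure conditions above (a CommonScripts pack older than 1.12.33 combined with content that uses ScheduleGenericPolling or GenericPollingScheduledTask) can be checked mechanically against an inventory of installed packs and exported content definitions. The script below is an added example, not Palo Alto Networks code: the pack inventory and the playbook/integration snippets are constructed samples, and their field names (`id`, `version`, `scriptName`) are illustrative assumptions rather than Cortex XSOAR's API or content schema. It also shows why the version comparison must be numeric, since a plain string comparison ranks "1.9.0" above "1.12.33".

```python
"""Exposure check for CVE-2024-5914 (added example, not Palo Alto Networks code).

Two conditions from the advisory decide exposure:
  1. the installed CommonScripts pack is older than 1.12.33, and
  2. some integration or playbook uses ScheduleGenericPolling or
     GenericPollingScheduledTask.
The pack inventory and content definitions below are constructed samples; the
field names are illustrative assumptions, not Cortex XSOAR's API schema.
"""
import re
from typing import Dict, List, Tuple

FIXED_VERSION = "1.12.33"
POLLING_SCRIPTS = ("ScheduleGenericPolling", "GenericPollingScheduledTask")
# Match the script names as whole identifiers so a name that merely contains
# one of them (e.g. "MyScheduleGenericPollingX") is not counted.
_SCRIPT_RE = re.compile(r"\b(" + "|".join(POLLING_SCRIPTS) + r")\b")

# Constructed sample inventory (illustrative field names).
PACKS = [
    {"id": "CommonScripts", "version": "1.12.30"},
    {"id": "Base", "version": "1.33.0"},
]

# Constructed sample content definitions keyed by file name.
CONTENT = {
    "playbook-Enrich-Host.yml": "tasks:\n  '3':\n    scriptName: ScheduleGenericPolling\n",
    "playbook-Notify.yml": "tasks:\n  '1':\n    scriptName: SendEmail\n",
    "integration-Vendor.yml": "script:\n  commands:\n  - name: vendor-poll\n",
}


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '1.12.33' into (1, 12, 33) so that comparison is numeric.

    A plain string comparison would wrongly rank '1.9.0' above '1.12.33'.
    """
    return tuple(int(part) for part in version.strip().split("."))


def pack_is_affected(installed_version: str) -> bool:
    """True when the CommonScripts pack predates the fixed release."""
    return parse_version(installed_version) < parse_version(FIXED_VERSION)


def find_polling_script_refs(definition_text: str) -> List[str]:
    """Return the polling-script names referenced in one content definition."""
    return sorted(set(_SCRIPT_RE.findall(definition_text)))


def assess_exposure(packs: List[dict], content: Dict[str, str]) -> dict:
    """Combine pack version and script usage into an exposure verdict."""
    common = next((p for p in packs if p["id"] == "CommonScripts"), None)
    version = common["version"] if common else None
    affected_version = version is not None and pack_is_affected(version)
    users = {}
    for name, text in content.items():
        refs = find_polling_script_refs(text)
        if refs:
            users[name] = refs
    return {
        "commonscripts_version": version,
        "version_affected": affected_version,
        "content_using_polling_scripts": users,
        # Exposed only when both advisory conditions hold at once.
        "exposed": affected_version and bool(users),
    }


if __name__ == "__main__":
    report = assess_exposure(PACKS, CONTENT)
    for key, value in report.items():
        print(f"{key}: {value}")
```

Both remediation paths in the advisory map onto the two inputs: upgrading the pack flips `version_affected` to false, while removing the script usage empties `content_using_polling_scripts`; either alone clears `exposed`.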


ACKNOWLEDGMENTS

Palo Alto Networks thanks Othmar Lechner for discovering and reporting this
issue.


TIMELINE

2024-08-14 Initial publication
© 2024 Palo Alto Networks, Inc. All rights reserved.