An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.
References
Link | Resource |
---|---|
https://security.paloaltonetworks.com/CVE-2023-0001 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: palo_alto
Published: 2023-02-08T17:20:20.774Z
Updated: 2023-11-21T18:25:00.000Z
Reserved: 2022-10-27T18:47:48.958Z
Link: CVE-2023-0001
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-02-08T18:15:11.523
Modified: 2024-01-12T22:10:50.817
Link: CVE-2023-0001
JSON object: View
Redhat Information
No data.
CWE