CVE-2023-0001

Common Vulnerabilities and Exposures

Last Post by 143 World 3 years ago

2 Posts

2 Users

0 Reactions

867 Views

RSS

kajal

(@kajal)

Posts: 299

Reputable Member

Topic starter

Details:-

An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.

Vendor :- Palo Alto Networks

Posted : 16/02/2023 10:57 am

143 World

(@143world)

Posts: 5

New Member

https://security.paloaltonetworks.com/CVE-2023-0001

Solution

This issue is fixed in Cortex XDR agent 7.5.101-CE and all later supported Cortex XDR agent versions. (Cortex XDR agent 5.0 is not impacted.)

After you upgrade to a fixed version of the Cortex XDR agent, you must change the agent admin password in case it was already disclosed to users.

This post was modified 3 years ago by 143 World

Posted : 16/02/2023 5:52 pm

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed