An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex XSOAR 5.5.0 builds; Cortex XSOAR 6.1.0 builds earlier than 12099345. This issue does not impact Cortex XSOAR 6.2.0 versions.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cortex_xsoar | Paloaltonetworks | 5.5.0 (including) | 5.5.0 (including) |
| Cortex_xsoar | Paloaltonetworks | 5.5.0-70066 (including) | 5.5.0-70066 (including) |
| Cortex_xsoar | Paloaltonetworks | 5.5.0-73387 (including) | 5.5.0-73387 (including) |
| Cortex_xsoar | Paloaltonetworks | 5.5.0-75211 (including) | 5.5.0-75211 (including) |
| Cortex_xsoar | Paloaltonetworks | 5.5.0-78518 (including) | 5.5.0-78518 (including) |
| Cortex_xsoar | Paloaltonetworks | 5.5.0-94592 (including) | 5.5.0-94592 (including) |
| Cortex_xsoar | Paloaltonetworks | 6.1.0 (including) | 6.1.0 (including) |
| Cortex_xsoar | Paloaltonetworks | 6.1.0-1016923 (including) | 6.1.0-1016923 (including) |
| Cortex_xsoar | Paloaltonetworks | 6.1.0-1031903 (including) | 6.1.0-1031903 (including) |
| Cortex_xsoar | Paloaltonetworks | 6.1.0-1077664 (including) | 6.1.0-1077664 (including) |
| Cortex_xsoar | Paloaltonetworks | 6.1.0-848144 (including) | 6.1.0-848144 (including) |