CVE-2022-0013 : A file information exposure vulnerability exists in the Palo Alto Networks Corte

A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2.

Published 2022-01-12 18:15:08

Updated 2022-01-19 19:20:12

Source Palo Alto Networks, Inc.

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2022-0013

Paloaltonetworks » Cortex Xdr Agent
Versions from including (>=) 7.3 and before (<) 7.3.2
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A
Paloaltonetworks » Cortex Xdr Agent
Versions from including (>=) 5.0 and before (<) 5.0.12
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A
Paloaltonetworks » Cortex Xdr Agent
Versions from including (>=) 7.2 and before (<) 7.2.4
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A
Paloaltonetworks » Cortex Xdr Agent
Versions from including (>=) 6.1 and before (<) 6.1.9
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-0013

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 14 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-0013

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
5.0	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N	1.3	3.6	Palo Alto Networks, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2022-0013

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)
CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory

The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.

Assigned by: psirt@paloaltonetworks.com (Secondary)

References for CVE-2022-0013

https://security.paloaltonetworks.com/CVE-2022-0013

CVE-2022-0013 Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File
Vendor Advisory

Jump to

Vulnerability Details : CVE-2022-0013

Products affected by CVE-2022-0013

Exploit prediction scoring system (EPSS) score for CVE-2022-0013

CVSS scores for CVE-2022-0013

CWE ids for CVE-2022-0013

References for CVE-2022-0013