Vulnerability Details : CVE-2023-0001
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.
Products affected by CVE-2023-0001
- Paloaltonetworks » Cortex Xdr Agent » Critical Environment EditionVersions from including (>=) 7.5 and before (<) 7.5.101cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:critical_environment:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-0001
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 13 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-0001
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.7
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
0.8
|
5.9
|
NIST | |
6.0
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H |
0.8
|
5.2
|
Palo Alto Networks, Inc. |
CWE ids for CVE-2023-0001
-
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.Assigned by:
- nvd@nist.gov (Primary)
- psirt@paloaltonetworks.com (Secondary)
References for CVE-2023-0001
-
http://www.openwall.com/lists/oss-security/2023/11/08/5
oss-security - Re: !CVE: A new platform to track security issues not acknowledged by vendors
-
http://www.openwall.com/lists/oss-security/2023/11/08/10
oss-security - Re: !CVE: A new platform to track security issues not acknowledged by vendors
-
http://www.openwall.com/lists/oss-security/2023/11/08/3
oss-security - Re: !CVE: A new platform to track security issues not acknowledged by vendors
-
http://www.openwall.com/lists/oss-security/2023/11/08/2
oss-security - !CVE: A new platform to track security issues not acknowledged by vendors
-
https://security.paloaltonetworks.com/CVE-2023-0001
CVE-2023-0001 Cortex XDR Agent: Cleartext Exposure of Agent Admin PasswordVendor Advisory
-
http://www.openwall.com/lists/oss-security/2023/11/10/1
oss-security - Re: !CVE: A new platform to track security issues not acknowledged by vendors
Jump to