Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access


A critical security bug in Palo Alto Networks’ Cortex XSOAR could allow remote attackers to run commands and automations in the Cortex XSOAR War Room and to take other actions on the platform, without having to log in.

Found internally by Palo Alto, the bug (CVE-2021-3044) is an improper-authorization vulnerability that “enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API,” according to the security vendor’s Tuesday advisory. It rates 9.8 out of 10 on the CVSS vulnerability-severity scale.

Source: ThreatPost