CVE-2022-0013

Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File

Description

A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2.

Remediation

Solution:

This issue is fixed in Cortex XDR agent 5.0.12, Cortex XDR agent 6.1.9, Cortex XDR agent 7.2.4, Cortex XDR agent 7.3.2, and all later Cortex XDR agent versions.

Workaround:

There are no known workarounds for this issue.

References

Link	Tags
https://security.paloaltonetworks.com/CVE-2022-0013	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2022-0013?: CVE-2022-0013 has been scored as a medium severity vulnerability.
How to fix CVE-2022-0013?: To fix CVE-2022-0013: This issue is fixed in Cortex XDR agent 5.0.12, Cortex XDR agent 6.1.9, Cortex XDR agent 7.2.4, Cortex XDR agent 7.3.2, and all later Cortex XDR agent versions.
Is CVE-2022-0013 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2022-0013 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-0013?: CVE-2022-0013 affects Palo Alto Networks Cortex XDR Agent.

Description

Remediation

Categories

CWE-538 – Insertion of Sensitive Information into Externally-Accessible File or Directory

CWE-200 – Exposure of Sensitive Information to an Unauthorized Actor

References

Frequently Asked Questions