CVE-2024-5914 HIGH

CVE-2024-5914: Cortex XSOAR: Command Injection in CommonScripts Pack

Vendor Palo Alto Networks
Product Cortex XSOAR CommonScripts
Weakness CWE-77
Published August 14, 2024
Last update August 14, 2024

CVSS base score

7.0/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:N/AU:N/R:U/V:D/RE:M/U:Amber

What the vulnerability does

01Description

A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container.

Key dates

02Disclosure timeline

August 14, 2024 CVE published
August 14, 2024 Record updated