CVE-2022-0013
A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2.
Published at
2022-01-12
4 days ago
Modified
2022-01-12
4 days ago
2022
Year
The year of the turtle
https://security.paloaltonetworks.com/CVE-2022-0013
MISC:https://security.paloaltonetworks.com/CVE-2022-0013
Vulnerability RAW
{
"Title": {
"_text": "CVE-2022-0013"
},
"Notes": {
"Note": [
{
"_text": "A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2."
},
{
"_text": "2022-01-12"
},
{
"_text": "2022-01-12"
}
]
},
"CVE": {
"_text": "CVE-2022-0013"
},
"References": {
"Reference": {
"URL": {
"_text": "https://security.paloaltonetworks.com/CVE-2022-0013"
},
"Description": {
"_text": "MISC:https://security.paloaltonetworks.com/CVE-2022-0013"
}
}
}
}