Vulnerability in Palo Alto Networks Cortex Xsoar
CVE-2024-9470
A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data.
EPSS: 0.004 (28.5th percentile) — read the EPSS interpretation.
Affected products
- Palo Alto Networks Cortex Xsoar — versions 8.0.0, 6.13.0, 6.12.0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- psirt@paloaltonetworks.com (vendor-advisory)
Frequently asked questions
- What is CVE-2024-9470?
- CVE-2024-9470 is a vulnerability in Palo Alto Networks Cortex Xsoar, classified under Exposure of Sensitive System Information to an Unauthorized Control Sphere. Published 2024-10-09.
- Is CVE-2024-9470 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.