Published: 10/03/2021 Updated: 24/03/2021

CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.1 | Impact Score: 4.2 | Exploitability Score: 0.8

VMScore: 320

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the private key and identity provider certificate used to configure the SAML SSO integration. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 98622; Cortex XSOAR 6.0.1 builds earlier than 830029; Cortex XSOAR 6.0.2 builds earlier than 98623; Cortex XSOAR 6.1.0 builds earlier than 848144.

Vulnerable Product	Search on Vulmon	Subscribe to Product
paloaltonetworks cortex xsoar 5.5.0
paloaltonetworks cortex xsoar 6.0.1
paloaltonetworks cortex xsoar 6.0.2
paloaltonetworks cortex xsoar 6.1.0

OSCP cheat sheet 2023 0 Preparation Read the OSCP dos and don'ts Practice taking screenshot while you hack Get a document file ready to paste your walkthrough screenshots 1 Recon Recon is an essential OSCP skill set If you do have good recon skills, it makes the exam much easier The tools included in this cheat sheet might not be enough The content is created based

CWE-532 https://security.paloaltonetworks.com/CVE-2021-3034 https://nvd.nist.gov https://github.com/Desm0ndChan/OSCP-cheatsheet

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-3034

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect