SB2025021807 - Unauthorized access to Broker VM docker containers in Cortex XDR Broker VM




Published: February 18, 2025

Security Bulletin ID: SB2025021807
Severity: High
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

High 100%

Description

This security bulletin contains information about 1 security vulnerability.


1) Improper protection of alternate path (CVE-ID: CVE-2025-0113)

The vulnerability allows a remote attacker to gain unauthorized access to Broker VM Docker containers.

The vulnerability exists due to an error within the network isolation mechanism. A remote unauthenticated attacker can gain unauthorized access to Docker containers from the host network used by Broker VM, and read files sent for analysis and logs transmitted by the Cortex XDR Agent to the Cortex XDR server.


Remediation

Install the update from the vendor's website.