CVE-2025-0113

A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to the Cortex XDR server.

CVSS

No CVSS.

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2025-0113

Configurations

No configuration.

History

09 Apr 2025, 17:15

Type	Values Removed	Values Added
References	~~{'url': 'https://security.paloaltonetworks.com/CVE-2024-0113', 'source': 'psirt@paloaltonetworks.com'}~~	() https://security.paloaltonetworks.com/CVE-2025-0113 -
Summary		(es) Un problema con el mecanismo de aislamiento de red de la máquina virtual Broker Cortex XDR de Palo Alto Networks permite a los atacantes acceder sin autorización a los contenedores Docker desde la red host utilizada por la máquina virtual Broker. Esto puede permitir el acceso para leer archivos enviados para análisis y registros transmitidos por el agente Cortex XDR al servidor Cortex XDR.

12 Feb 2025, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-12 21:15

Updated : 2025-04-09 17:15

NVD link : CVE-2025-0113

Mitre link : CVE-2025-0113

CVE.ORG link : CVE-2025-0113

JSON object : View

Products Affected

No product.

CWE

CWE-424

Improper Protection of Alternate Path

{"id": "CVE-2025-0113", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 5.3, "Automatable": "YES", "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-02-12T21:15:16.950", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-0113", "source": "psirt@paloaltonetworks.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-424"}]}], "descriptions": [{"lang": "en", "value": "A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to the Cortex XDR server."}, {"lang": "es", "value": "Un problema con el mecanismo de aislamiento de red de la m\u00e1quina virtual Broker Cortex XDR de Palo Alto Networks permite a los atacantes acceder sin autorizaci\u00f3n a los contenedores Docker desde la red host utilizada por la m\u00e1quina virtual Broker. Esto puede permitir el acceso para leer archivos enviados para an\u00e1lisis y registros transmitidos por el agente Cortex XDR al servidor Cortex XDR."}], "lastModified": "2025-04-09T17:15:30.810", "sourceIdentifier": "psirt@paloaltonetworks.com"}