Primary

Context

Palo Alto Networks Cortex XDR Broker VM Information Disclosure Vulnerability

Vulnerability

A vulnerability allowing information disclosure has been identified in Palo Alto Networks Cortex XDR Broker VM versions 30.0.0 prior to 30.0.49. This vulnerability allows an authenticated user with network access to the Broker VM to access and modify sensitive information. The issue can be exploited by initiating a live terminal session through the Cortex UI and altering any configuration setting.

Impact

Exploitation of this vulnerability could lead to unauthorized access and modification of sensitive information within the Cortex XDR Broker VM.

Remediation

Users can upgrade to Cortex XDR Broker VM version 30.0.49 or later to address this vulnerability. If automatic upgrades are not enabled, it is recommended to enable them to ensure the latest security patches are applied.

Added: Mar 11, 2026, 6:27 PM

Updated: Mar 11, 2026, 6:27 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.8

remediation

0.0

relevance

3.8

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.8

remediation

0.0

relevance

3.8

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Palo Alto Networks Cortex XDR Broker VM Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating