Vulnerability Details CVE-2022-0015
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
Products affected by CVE-2022-0015
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:5.0
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:5.0.10
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:5.0.11
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.4
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.6
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.7
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.8