CVE-2026-0231
Received
Received - Intake
Information Disclosure and Configuration Modification in Cortex XDR Broker VM
Vulnerability report for CVE-2026-0231, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-03-11
Last updated on: 2026-03-11
Assigner: Palo Alto Networks, Inc.
Description
Description
An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting.
The attacker must have network access to the Broker VM to exploit this issue.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| palo_alto_networks | cortex_xdr_broker_vm | * |
| palo_alto_networks | cortex_xdr_broker_vm | From 30.0.0 (inc) to 30.0.49 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-497 | The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. |