Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.7
Palo Alto Networks Cortex XDR Broker VM Sensitive Info Available to Authenticated User
CVE-2026-0231
Summary
An authenticated user with network access to the Palo Alto Networks Cortex XDR Broker VM can obtain and modify sensitive information through the Cortex UI. This could lead to unauthorized access to confidential data. To mitigate this, ensure that access to the Broker VM is strictly controlled and monitored.
Original title
An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via C...
Original description
An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting.
The attacker must have network access to the Broker VM to exploit this issue.
The attacker must have network access to the Broker VM to exploit this issue.
nvd CVSS4.0
5.7
Vulnerability type
CWE-497
Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026