7.2
CVE-2026-0234
- EPSS 0.03%
- Veröffentlicht 13.04.2026 07:15:03
- Zuletzt bearbeitet 13.04.2026 15:01:43
- Quelle psirt@paloaltonetworks.com
- CVE-Watchlists
- Unerledigt
Cortex XSOAR: Improper Verification of Cryptographic Signature in Microsoft Teams integration
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerPalo Alto Networks
≫
Produkt
Cortex XSOAR Microsoft Teams Marketplace
Default Statusunaffected
Version
1.5.0
Version <
1.5.52
Status
affected
HerstellerPalo Alto Networks
≫
Produkt
Cortex XSIAM Microsoft Teams Marketplace
Default Statusunaffected
Version
1.5.0
Version <
1.5.52
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.089 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@paloaltonetworks.com | 7.2 | 0 | 0 |
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Red
|
CWE-347 Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.