CVE-2020-29510
Description
The Palo Alto Networks Product Security Assurance team evaluated the vulnerabilities (CVE-2020-29509, CVE-2020-29510, and CVE-2020-29511) that impact the standard Golang XML parsing library.All versions of Cortex XSOAR use a version of Golang that contains these vulnerabilities but there are no scenarios for successful exploitation of them in Cortex XSOAR.As a result, there is no known security impact for these issues in Cortex XSOAR. However, out of an abundance of caution, we removed the impacted Golang code entirely from Cortex XSOAR 5.5.0, Cortex XSOAR 6.0.2, and all later versions of Cortex XSOAR.
Risk Information
Base Score
5.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.122
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| CVE-2020-29510 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234