Remote, unauthenticated cyberattackers can infiltrate and take over the Cortex XSOAR platform, Palo Alto Networks says. The bug (CVE-2021-3044) is an improper-authorization vulnerability. It rates 9.8 out of 10 on the CVSS vulnerability-severity scale. Palo Alto said it s not aware of any exploitation of the bug in the wild. To protect themselves, users should update to the latest version of the software, the vendor says.
Source: https://threatpost.com/critical-palo-alto-bug-remote-war-room/167169/