216.73.216.133

CVE-2025-2184

· Published 13/08/2025 17:15 · Modified 13/08/2025 17:33

Labels: CVE-2025-2184 2025-08-13CVE-2025-2184CWE-1392[email protected]

Essential information

Published
13/08/2025 17:15
Modified
13/08/2025 17:33
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have network access to the Broker VM to exploit this issue.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
palo alto networks / cortex xdr broker vm cpe:2.3:a:palo_alto_networks:cortex_xdr_broker_vm:*:*:*:*:*:*:*:*

References