Cortex XDR Broker VM: Secrets Shared Across Multiple Broker VM...

5.3 / 10

MEDIUM

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber

Description

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations.

The attacker must have network access to the Broker VM to exploit this issue.

Basic Information

ID CVE-2025-2184

Source palo_alto

Published Aug 13, 2025 at 17:05

Affected Product

Vendor Palo Alto Networks

Product Cortex XDR Broker VM

Version 28.0.0

Affected Versions Palo Alto Networks Cortex XDR Broker VM 28.0.0

CWE Classification

CWE-1392

References

security.paloaltonetworks.com /CVE-2025-2184

{
    "lastseen": "",
    "description": "A credential management flaw in Palo Alto Networks Cortex XDR\u00ae Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations.\n\nThe attacker must have network access to the Broker VM to exploit this issue.",
    "published": "2025-08-13T17:05:30.544Z",
    "modified": "2025-08-13T17:05:30.544Z",
    "type": "cve",
    "title": "Cortex XDR Broker VM: Secrets Shared Across Multiple Broker VM Images",
    "source": "palo_alto",
    "references": "https://security.paloaltonetworks.com/CVE-2025-2184",
    "id": "CVE-2025-2184",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1392"
    ],
    "cvelist": null,
    "sourceData": "Palo Alto Networks Cortex XDR Broker VM 28.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Cortex XDR Broker VM",
    "version": "28.0.0",
    "vendor": "Palo Alto Networks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Cortex XDR Broker VM: Secrets Shared Across Multiple Broker VM Images_CVE-2025-2184