Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN621
_____________________________________________________________________

DATE                : 11/06/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cortex XSOAR versions 8.61, 8.62.

=====================================================================
https://security.paloaltonetworks.com/CVE-2026-0274
_____________________________________________________________________

CVE-2026-0274 Cortex XSOAR: Improper Validation of Credentials in
CommvaultSecurityIQ integration

Urgency HIGHEST

047910

Severity 8.1 · HIGH
Exploit Maturity UNREPORTED
Response Effort MODERATE
Recovery USER
Value Density DIFFUSE
Attack Vector NETWORK
Attack Complexity LOW
Attack Requirements NONE
Automatable NO
User Interaction NONE
Product Confidentiality HIGH
Product Integrity HIGH
Product Availability HIGH
Privileges Required NONE
Subsequent Confidentiality NONE
Subsequent Integrity NONE
Subsequent Availability NONE
CVE JSON CSAF
Published 2026-06-10
Updated 2026-06-10
Discovered internally


Description

An improper validation of credentials vulnerability in the
CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM
allows an unauthenticated attacker to access and modify protected resources.


Product Status

Versions	Affected	Unaffected

Cortex XSIAM CommvaultSecurityIQ Marketplace 1.1.0	< 1.2.0	>= 1.2.0
Cortex XSOAR CommvaultSecurityIQ Marketplace 1.1.0	< 1.2.0	>= 1.2.0


Required Configuration for Exposure

No special configuration is required to be affected by this issue.
Severity: HIGH, Suggested Urgency: HIGHEST

CVSS-BT: 8.1 / CVSS-B: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Red)


Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.


Weakness Type and Impact

CWE-1390 Weak Authentication

CAPEC-475 Signature Spoofing by Improper Validation


Solution

Version    	Minor Version      	Suggested Solution

Cortex XSIAM CommvaultSecurityIQ Marketplace 1.1
	1.1.0 through 1.1.9 	Upgrade to 1.2.0 or later.

Cortex XSOAR CommvaultSecurityIQ Marketplace 1.1
	1.1.0 through 1.1.9 	Upgrade to 1.2.0 or later.


Workarounds and Mitigations

No known workarounds exist for this issue.


Acknowledgments
Palo Alto Networks thanks our internal security research teams for
discovering and reporting this issue.

CPE Applicability

        cpe:2.3:a:palo_alto_networks:cortex_xsiam_commvaultsecurityiq_marketplace:*:*:*:*:*:*:*:* is vulnerable from (including)1.2.0 and up to (excluding)1.2.0
    or
        cpe:2.3:a:palo_alto_networks:cortex_xsoar_commvaultsecurityiq_marketplace:*:*:*:*:*:*:*:* is vulnerable from (including)1.2.0 and up to (excluding)1.2.0


Timeline

2026-06-10
Initial Publication.

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================