CVE-2026-0274 | THREATINT

Description

An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected resources.

PUBLISHED Reserved 2025-11-03 | Published 2026-06-10 | Updated 2026-06-10 | Assigner palo_alto

HIGH: 8.1CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Red

Problem types

CWE-1390 Weak Authentication

Product status

Default status

unaffected

1.1.0 (custom) before 1.2.0

affected

Default status

unaffected

1.1.0 (custom) before 1.2.0

affected

Timeline

2026-06-10:

Initial Publication.

Credits

our internal security research teams finder

References

security.paloaltonetworks.com/CVE-2026-0274 vendor-advisory

cve.org (CVE-2026-0274)

nvd.nist.gov (CVE-2026-0274)

Download JSON

help @ threatint.eu