Back to search
CVE-2025-2184
Published: Aug 13, 2025
Modified: Aug 13, 2025
PUBLISHED
Description
A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have network access to the Broker VM to exploit this issue.
| Vendor | Product | Versions |
|---|---|---|
Palo Alto Networks | Cortex XDR Broker VM | affected 28.0.0 - < 28.0.52 |
Weaknesses (CWE)
References
https://security.paloaltonetworks.com/CVE-2025-2184
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now