CVE-2025-2184

Medium CVSS 5.3

Overview

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations.

The attacker must have network access to the Broker VM to exploit this issue.

CWE: CWE-1392 Published: 2025-08-13T17:15:27.513

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.3 (MEDIUM)
Detected tags: default_cred (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags