CVE-2022-0013

CVSS v3 Score: 5.5 (Medium)
CVSS v2 Score: 2.1 (Low)

Vulnerability Description

A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2.

CVSS: 5.5 (Medium)

Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior t...

CVSS: 5.5 (Medium)

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application lea...

CVSS: 5.5 (Medium)

Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the...

CVSS: 5.5 (Medium)

In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of device identifier with no additional execution privileges nee...

CVSS: 5.3 (Medium)

A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with netwo...

CVSS: 5.3 (Medium)

The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulner...