{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T08:29:26.708","vulnerabilities":[{"cve":{"id":"CVE-2025-0113","sourceIdentifier":"psirt@paloaltonetworks.com","published":"2025-02-12T21:15:16.950","lastModified":"2025-04-09T17:15:30.810","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to the Cortex XDR server."},{"lang":"es","value":"Un problema con el mecanismo de aislamiento de red de la máquina virtual Broker Cortex XDR de Palo Alto Networks permite a los atacantes acceder sin autorización a los contenedores Docker desde la red host utilizada por la máquina virtual Broker. Esto puede permitir el acceso para leer archivos enviados para análisis y registros transmitidos por el agente Cortex XDR al servidor Cortex XDR."}],"metrics":{"cvssMetricV40":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0\/AV:P\/AC:L\/AT:P\/PR:N\/UI:N\/VC:H\/VI:H\/VA:N\/SC:N\/SI:N\/SA:N\/E:X\/CR:X\/IR:X\/AR:X\/MAV:X\/MAC:X\/MAT:X\/MPR:X\/MUI:X\/MVC:X\/MVI:X\/MVA:X\/MSC:X\/MSI:X\/MSA:X\/S:X\/AU:Y\/R:U\/V:C\/RE:M\/U:Amber","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}}]},"weaknesses":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-424"}]}],"references":[{"url":"https:\/\/security.paloaltonetworks.com\/CVE-2025-0113","source":"psirt@paloaltonetworks.com"}]}}]}