All the vulnerabilites related to Palo Alto Networks - Expedition
cve-2020-1977
Vulnerability from cvelistv5
Published
2020-02-12 22:57
Modified
2024-09-17 01:01
Severity ?
EPSS score ?
Summary
Expedition Migration Tool: Insufficient Cross Site Request Forgery protection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.paloaltonetworks.com/CVE-2020-1977 | x_refsource_MISC | |
| https://www.tenable.com/security/research/tra-2020-11 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Palo Alto Networks | Expedition |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1977"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2020-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.1.52",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.1.51",
"status": "affected",
"version": "1.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks Jimi Sebree of Tenable Research for discovering and responsibly reporting this issue."
}
],
"datePublic": "2020-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-19T18:06:04",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1977"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2020-11"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in Expedition Migration Tool 1.1.52 and later versions."
}
],
"source": {
"defect": [
"MT-1593"
],
"discovery": "EXTERNAL"
},
"title": "Expedition Migration Tool: Insufficient Cross Site Request Forgery protection.",
"workarounds": [
{
"lang": "en",
"value": "To prevent the chance of malicious websites making forged requests to Expedition Migration Tool, you should access the tool exclusively from a web browser and log out after each use."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-02-12T17:00:00.000Z",
"ID": "CVE-2020-1977",
"STATE": "PUBLIC",
"TITLE": "Expedition Migration Tool: Insufficient Cross Site Request Forgery protection."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Expedition",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "1.1",
"version_value": "1.1.51"
},
{
"version_affected": "!\u003e=",
"version_name": "1.1",
"version_value": "1.1.52"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks Jimi Sebree of Tenable Research for discovering and responsibly reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-1977",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-1977"
},
{
"name": "https://www.tenable.com/security/research/tra-2020-11",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2020-11"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in Expedition Migration Tool 1.1.52 and later versions."
}
],
"source": {
"defect": [
"MT-1593"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "To prevent the chance of malicious websites making forged requests to Expedition Migration Tool, you should access the tool exclusively from a web browser and log out after each use."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-1977",
"datePublished": "2020-02-12T22:57:08.179851Z",
"dateReserved": "2019-12-04T00:00:00",
"dateUpdated": "2024-09-17T01:01:37.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9464
Vulnerability from cvelistv5
Published
2024-10-09 17:03
Modified
2024-10-18 15:40
Severity ?
EPSS score ?
Summary
Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Palo Alto Networks | Expedition |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9464",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T15:39:19.519145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T15:40:20.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:49:42.767Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9464",
"datePublished": "2024-10-09T17:03:33.904Z",
"dateReserved": "2024-10-03T11:35:11.680Z",
"dateUpdated": "2024-10-18T15:40:20.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5910
Vulnerability from cvelistv5
Published
2024-07-10 18:39
Modified
2024-11-08 16:40
Severity ?
EPSS score ?
Summary
Expedition: Missing Authentication Leads to Admin Account Takeover
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.paloaltonetworks.com/CVE-2024-5910 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Palo Alto Networks | Expedition |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.92",
"status": "affected",
"version": "1.2",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5910",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-07",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T17:20:23.515Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-11-07T00:00:00+00:00",
"value": "CVE-2024-5910 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-11-08T16:40:17.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5910"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.92",
"status": "unaffected"
}
],
"lessThan": "1.2.92",
"status": "affected",
"version": "1.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brian Hysell (Synopsys CyRC)"
}
],
"datePublic": "2024-07-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.\u003cbr\u003e\u003cbr\u003eNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue."
}
],
"value": "Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.\n\nNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/AU:Y/R:U/V:D/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T18:39:26.006Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5910"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.92 and all later versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in Expedition 1.2.92 and all later versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Missing Authentication Leads to Admin Account Takeover",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e"
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-5910",
"datePublished": "2024-07-10T18:39:26.006Z",
"dateReserved": "2024-06-12T15:27:55.854Z",
"dateUpdated": "2024-11-08T16:40:17.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9463
Vulnerability from cvelistv5
Published
2024-10-09 17:03
Modified
2024-11-14 23:20
Severity ?
EPSS score ?
Summary
Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.paloaltonetworks.com/PAN-SA-2024-0010 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Palo Alto Networks | Expedition |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9463",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T19:08:32.747310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T23:20:22.967Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00+00:00",
"value": "CVE-2024-9463 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:47:33.445Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e"
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9463",
"datePublished": "2024-10-09T17:03:12.012Z",
"dateReserved": "2024-10-03T11:35:09.867Z",
"dateUpdated": "2024-11-14T23:20:22.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9465
Vulnerability from cvelistv5
Published
2024-10-09 17:04
Modified
2024-11-14 23:20
Severity ?
EPSS score ?
Summary
Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Palo Alto Networks | Expedition |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9465",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T19:08:21.984574Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T23:20:22.620Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00+00:00",
"value": "CVE-2024-9465 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-108",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-108 Command Line Execution through SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:50:43.190Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e\u003cbr\u003eYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\u003cbr\u003e\u003cbr\u003e\u0026nbsp; \u0026nbsp; mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\u003cbr\u003e\u003cbr\u003eIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\n\nYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\n\n\u00a0 \u00a0 mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\n\nIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9465",
"datePublished": "2024-10-09T17:04:01.720Z",
"dateReserved": "2024-10-03T11:35:12.544Z",
"dateUpdated": "2024-11-14T23:20:22.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9467
Vulnerability from cvelistv5
Published
2024-10-09 17:04
Modified
2024-10-18 11:52
Severity ?
EPSS score ?
Summary
Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.paloaltonetworks.com/PAN-SA-2024-0010 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Palo Alto Networks | Expedition |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:09:44.149342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:10:00.314Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:52:07.963Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9467",
"datePublished": "2024-10-09T17:04:56.867Z",
"dateReserved": "2024-10-03T11:35:14.299Z",
"dateUpdated": "2024-10-18T11:52:07.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9466
Vulnerability from cvelistv5
Published
2024-10-09 17:04
Modified
2024-10-18 11:51
Severity ?
EPSS score ?
Summary
Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Palo Alto Networks | Expedition |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:36:02.686341Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:37:16.246Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:51:31.525Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eThe affected cleartext file will be removed automatically during the upgrade.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nThe affected cleartext file will be removed automatically during the upgrade.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9466",
"datePublished": "2024-10-09T17:04:36.252Z",
"dateReserved": "2024-10-03T11:35:13.454Z",
"dateUpdated": "2024-10-18T11:51:31.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}