33 vulnerabilities found for expedition by paloaltonetworks
FKIE_CVE-2024-9467
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2024-10-15 15:09
Summary
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
References
| Source | URL | Tags | |
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/PAN-SA-2024-0010 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
},
{
"lang": "es",
"value": "Una vulnerabilidad XSS reflejado en Palo Alto Networks Expedition permite la ejecuci\u00f3n de JavaScript malicioso en el contexto del navegador de un usuario autenticado de Expedition si ese usuario hace clic en un enlace malicioso, lo que permite ataques de phishing que podr\u00edan conducir al robo de sesiones del navegador de Expedition."
}
],
"id": "CVE-2024-9467",
"lastModified": "2024-10-15T15:09:13.297",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:20.517",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-9464
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2024-10-17 06:15
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en Palo Alto Networks Expedition permite a un atacante autenticado ejecutar comandos del sistema operativo arbitrarios como root en Expedition, lo que resulta en la divulgaci\u00f3n de nombres de usuario, contrase\u00f1as de texto plano, configuraciones de dispositivos y claves API de dispositivos de firewalls PAN-OS."
}
],
"id": "CVE-2024-9464",
"lastModified": "2024-10-17T06:15:04.190",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:20.170",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"source": "psirt@paloaltonetworks.com",
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-9465
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2025-11-04 16:49
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"cisaActionDue": "2024-12-05",
"cisaExploitAdd": "2024-11-14",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Palo Alto Networks Expedition SQL Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en Expedition de Palo Alto Networks permite a un atacante no autenticado revelar el contenido de la base de datos de Expedition, como hashes de contrase\u00f1as, nombres de usuario, configuraciones de dispositivos y claves API de dispositivos. Con esto, los atacantes tambi\u00e9n pueden crear y leer archivos arbitrarios en el sistema Expedition."
}
],
"id": "CVE-2024-9465",
"lastModified": "2025-11-04T16:49:01.677",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:20.287",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-9466
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2024-10-17 06:15
Summary
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad de almacenamiento de texto plano de informaci\u00f3n confidencial en Palo Alto Networks Expedition permite a un atacante autenticado revelar nombres de usuario, contrase\u00f1as y claves API del firewall generadas con esas credenciales."
}
],
"id": "CVE-2024-9466",
"lastModified": "2024-10-17T06:15:04.720",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:20.400",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"source": "psirt@paloaltonetworks.com",
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-9463
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2025-11-04 16:48
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
References
| Source | URL | Tags | |
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/PAN-SA-2024-0010 | Mitigation, Vendor Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463 | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"cisaActionDue": "2024-12-05",
"cisaExploitAdd": "2024-11-14",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Palo Alto Networks Expedition OS Command Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en Palo Alto Networks Expedition permite a un atacante no autenticado ejecutar comandos arbitrarios del sistema operativo como root en Expedition, lo que resulta en la divulgaci\u00f3n de nombres de usuario, contrase\u00f1as de texto plano, configuraciones de dispositivos y claves API de dispositivos de firewalls PAN-OS."
}
],
"id": "CVE-2024-9463",
"lastModified": "2025-11-04T16:48:57.193",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:19.973",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-5910
Vulnerability from fkie_nvd - Published: 2024-07-10 19:15 - Updated: 2025-11-04 16:48
Summary
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.
Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition are at risk due to this issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"cisaActionDue": "2024-11-28",
"cisaExploitAdd": "2024-11-07",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Palo Alto Networks Expedition Missing Authentication Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBF1116-E6AB-472A-82F8-2D360186A8CD",
"versionEndExcluding": "1.2.92",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.\n\nNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue."
},
{
"lang": "es",
"value": "La falta de autenticaci\u00f3n para una funci\u00f3n cr\u00edtica en Palo Alto Networks Expedition puede provocar que los atacantes con acceso a la red de Expedition tomen el control de la cuenta de administrador de Expedition. Nota: Expedition es una herramienta que ayuda en la migraci\u00f3n, el ajuste y el enriquecimiento de la configuraci\u00f3n. Los secretos de configuraci\u00f3n, las credenciales y otros datos importados a Expedition est\u00e1n en riesgo debido a este problema."
}
],
"id": "CVE-2024-5910",
"lastModified": "2025-11-04T16:48:52.637",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-07-10T19:15:11.390",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5910"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-1571
Vulnerability from fkie_nvd - Published: 2019-03-26 23:29 - Updated: 2024-11-21 04:36
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings.
References
| Source | URL | Tags | |
|---|---|---|---|
| psirt@paloaltonetworks.com | http://www.securityfocus.com/bid/107564 | Third Party Advisory, VDB Entry | |
| psirt@paloaltonetworks.com | https://securityadvisories.paloaltonetworks.com/Home/Detail/142 | Third Party Advisory | |
| psirt@paloaltonetworks.com | https://www.tenable.com/security/research/tra-2019-13 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107564 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://securityadvisories.paloaltonetworks.com/Home/Detail/142 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2019-13 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3510BCB6-FFBD-40D8-BFA2-9362722DDC48",
"versionEndIncluding": "1.1.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
},
{
"lang": "es",
"value": "La herramienta Expedition Migration, en versiones 1.1.8 y anteriores, podr\u00eda permitir que un atacante autenticado ejecute JavaScript o HTML arbitrarios en las opciones del servidor RADIUS."
}
],
"id": "CVE-2019-1571",
"lastModified": "2024-11-21T04:36:50.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-26T23:29:00.263",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Third Party Advisory"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-1569
Vulnerability from fkie_nvd - Published: 2019-03-26 22:29 - Updated: 2024-11-21 04:36
Severity ?
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for the account name of the admin user.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | http://www.securityfocus.com/bid/107564 | Third Party Advisory, VDB Entry | |
| psirt@paloaltonetworks.com | https://securityadvisories.paloaltonetworks.com/Home/Detail/142 | Third Party Advisory | |
| psirt@paloaltonetworks.com | https://www.tenable.com/security/research/tra-2019-13 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107564 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://securityadvisories.paloaltonetworks.com/Home/Detail/142 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2019-13 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3510BCB6-FFBD-40D8-BFA2-9362722DDC48",
"versionEndIncluding": "1.1.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for the account name of the admin user."
},
{
"lang": "es",
"value": "La herramienta Expedition Migration, en versiones 1.1.8 y anteriores, podr\u00eda permitir que un atacante autenticado ejecute JavaScript o HTML arbitrarios en las opciones de mapeo de usuarios para el nombre de cuenta del usuario administrador."
}
],
"id": "CVE-2019-1569",
"lastModified": "2024-11-21T04:36:49.903",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-26T22:29:00.660",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Third Party Advisory"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-1570
Vulnerability from fkie_nvd - Published: 2019-03-26 22:29 - Updated: 2024-11-21 04:36
Severity ?
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | http://www.securityfocus.com/bid/107564 | Third Party Advisory, VDB Entry | |
| psirt@paloaltonetworks.com | https://securityadvisories.paloaltonetworks.com/Home/Detail/142 | Third Party Advisory | |
| psirt@paloaltonetworks.com | https://www.tenable.com/security/research/tra-2019-13 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107564 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://securityadvisories.paloaltonetworks.com/Home/Detail/142 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2019-13 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3510BCB6-FFBD-40D8-BFA2-9362722DDC48",
"versionEndIncluding": "1.1.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
},
{
"lang": "es",
"value": "La herramienta Expedition Migration, en versiones 1.1.8 y anteriores, podr\u00eda permitir que un atacante autenticado ejecute JavaScript o HTML arbitrarios en las opciones del servidor LDAP."
}
],
"id": "CVE-2019-1570",
"lastModified": "2024-11-21T04:36:50.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-26T22:29:00.723",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Third Party Advisory"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-10143
Vulnerability from fkie_nvd - Published: 2018-12-12 00:29 - Updated: 2024-11-21 03:40
Severity ?
Summary
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | http://www.securityfocus.com/bid/106174 | Third Party Advisory, VDB Entry | |
| psirt@paloaltonetworks.com | https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/ | Exploit, Third Party Advisory | |
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/CVE-2018-10143 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106174 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.paloaltonetworks.com/CVE-2018-10143 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | 1.0.107 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:1.0.107:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFA2F70-6F15-42C4-B86E-5C48BF5C6718",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application."
},
{
"lang": "es",
"value": "La versi\u00f3n 1.0.107 de la herramienta Palo Alto Networks Expedition Migration podr\u00eda permitir a un atacante no autenticado con acceso remoto ejecutar comandos a nivel del sistema en el dispositivo que aloje este servicio/aplicaci\u00f3n."
}
],
"id": "CVE-2018-10143",
"lastModified": "2024-11-21T03:40:55.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-12T00:29:00.247",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106174"
},
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
},
{
"source": "psirt@paloaltonetworks.com",
"url": "https://security.paloaltonetworks.com/CVE-2018-10143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.paloaltonetworks.com/CVE-2018-10143"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-9467 (GCVE-0-2024-9467)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:04 – Updated: 2024-10-18 11:52
Title
Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure
Summary
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0, < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:09:44.149342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:10:00.314Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:52:07.963Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9467",
"datePublished": "2024-10-09T17:04:56.867Z",
"dateReserved": "2024-10-03T11:35:14.299Z",
"dateUpdated": "2024-10-18T11:52:07.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9466 (GCVE-0-2024-9466)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:04 – Updated: 2025-09-04 15:09
Title
Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure
Summary
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0, < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T15:09:36.928721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T15:09:40.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:51:31.525Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eThe affected cleartext file will be removed automatically during the upgrade.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nThe affected cleartext file will be removed automatically during the upgrade.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9466",
"datePublished": "2024-10-09T17:04:36.252Z",
"dateReserved": "2024-10-03T11:35:13.454Z",
"dateUpdated": "2025-09-04T15:09:40.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9465 (GCVE-0-2024-9465)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:04 – Updated: 2025-10-21 22:55
Title
Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9465",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T03:55:58.218772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:42.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00+00:00",
"value": "CVE-2024-9465 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-108",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-108 Command Line Execution through SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:50:43.190Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e\u003cbr\u003eYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\u003cbr\u003e\u003cbr\u003e\u0026nbsp; \u0026nbsp; mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\u003cbr\u003e\u003cbr\u003eIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks.\n\nYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\n\n\u00a0 \u00a0 mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\n\nIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9465",
"datePublished": "2024-10-09T17:04:01.720Z",
"dateReserved": "2024-10-03T11:35:12.544Z",
"dateUpdated": "2025-10-21T22:55:42.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9464 (GCVE-0-2024-9464)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:03 – Updated: 2024-10-18 15:40
Title
Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9464",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T15:39:19.519145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T15:40:20.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:49:42.767Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9464",
"datePublished": "2024-10-09T17:03:33.904Z",
"dateReserved": "2024-10-03T11:35:11.680Z",
"dateUpdated": "2024-10-18T15:40:20.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9463 (GCVE-0-2024-9463)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:03 – Updated: 2025-10-21 22:55
Title
Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9463",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T03:55:56.863014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:42.730Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00+00:00",
"value": "CVE-2024-9463 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:47:33.445Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e"
}
],
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9463",
"datePublished": "2024-10-09T17:03:12.012Z",
"dateReserved": "2024-10-03T11:35:09.867Z",
"dateUpdated": "2025-10-21T22:55:42.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5910 (GCVE-0-2024-5910)
Vulnerability from cvelistv5 – Published: 2024-07-10 18:39 – Updated: 2025-10-21 22:55
Title
Expedition: Missing Authentication Leads to Admin Account Takeover
Summary
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.
Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition are at risk due to this issue. CISA added CVE-2024-5910 to its Known Exploited Vulnerabilities catalog on 2024-11-07 (SSVC: exploitation active, automatable, technical impact total — see the CISA ADP container below), so the vendor's "not aware of any malicious exploitation" statement in the CNA record reflects only the July 2024 initial publication. Because the issue is an unauthenticated admin takeover, an unpatched instance that was reachable from untrusted networks should be treated as potentially compromised, and the firewall credentials and API keys it held should be rotated, not just the software upgraded.
Severity: CVSS 4.0 base score 9.3 (CRITICAL), provider urgency RED (from cna.metrics below).
CWE
- CWE-306 - Missing Authentication for Critical Function
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Palo Alto Networks | Expedition | Affected: 1.2 , < 1.2.92 (custom); fixed in 1.2.92 |
Credits
Brian Hysell (Synopsys CyRC)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.92",
"status": "affected",
"version": "1.2",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5910",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T04:55:50.697197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-07",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5910"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:49.276Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5910"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-07T00:00:00+00:00",
"value": "CVE-2024-5910 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-11-08T16:40:17.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5910"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.92",
"status": "unaffected"
}
],
"lessThan": "1.2.92",
"status": "affected",
"version": "1.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brian Hysell (Synopsys CyRC)"
}
],
"datePublic": "2024-07-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.\u003cbr\u003e\u003cbr\u003eNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue."
}
],
"value": "Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.\n\nNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/AU:Y/R:U/V:D/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T18:39:26.006Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5910"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.92 and all later versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in Expedition 1.2.92 and all later versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Missing Authentication Leads to Admin Account Takeover",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e"
}
],
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-5910",
"datePublished": "2024-07-10T18:39:26.006Z",
"dateReserved": "2024-06-12T15:27:55.854Z",
"dateUpdated": "2025-10-21T22:55:49.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1571 (GCVE-0-2019-1571)
Vulnerability from cvelistv5 – Published: 2019-03-26 22:08 – Updated: 2024-08-04 18:20
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings.
Severity ?
No CVSS data available.
CWE
- Cross-site scripting
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool | Affected: Expedition 1.1.8 and earlier (no fixed version stated in this record; see the vendor advisory referenced below) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T22:09:16",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1571",
"datePublished": "2019-03-26T22:08:44",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-08-04T18:20:27.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1570 (GCVE-0-2019-1570)
Vulnerability from cvelistv5 – Published: 2019-03-26 21:46 – Updated: 2024-08-04 18:20
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
Severity ?
No CVSS data available.
CWE
- Cross-site scripting
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool | Affected: Expedition 1.1.8 and earlier (no fixed version stated in this record; see the vendor advisory referenced below) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T21:51:10",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1570",
"datePublished": "2019-03-26T21:46:42",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-08-04T18:20:28.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1569 (GCVE-0-2019-1569)
Vulnerability from cvelistv5 – Published: 2019-03-26 21:44 – Updated: 2024-08-04 18:20
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
Severity ?
No CVSS data available.
CWE
- Cross-site scripting
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool | Affected: Expedition 1.1.8 and earlier (no fixed version stated in this record; see the vendor advisory referenced below) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T21:50:25",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
},
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "MISC",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1569",
"datePublished": "2019-03-26T21:44:41",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-08-04T18:20:27.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10143 (GCVE-0-2018-10143)
Vulnerability from cvelistv5 – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:32
Summary
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system-level commands on the device hosting this service/application. No CVSS score or fixed version is recorded in this entry; the vendor advisory and the third-party write-up referenced below are the sources for remediation details.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Palo Alto Networks | Palo Alto Networks Expedition | Affected: Expedition 1.0.107 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:32:01.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106174",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106174"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2018-10143"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "Expedition 1.0.107 and earlier"
}
]
}
],
"datePublic": "2018-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-17T16:03:46",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"name": "106174",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106174"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.paloaltonetworks.com/CVE-2018-10143"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2018-10143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition",
"version": {
"version_data": [
{
"version_value": "Expedition 1.0.107 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106174"
},
{
"name": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/",
"refsource": "MISC",
"url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
},
{
"name": "https://security.paloaltonetworks.com/CVE-2018-10143",
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2018-10143"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2018-10143",
"datePublished": "2018-12-12T00:00:00",
"dateReserved": "2018-04-16T00:00:00",
"dateUpdated": "2024-08-05T07:32:01.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9467 (GCVE-0-2024-9467)
Vulnerability from nvd – Published: 2024-10-09 17:04 – Updated: 2024-10-18 11:52
Title
Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure
Summary
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:09:44.149342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:10:00.314Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:52:07.963Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9467",
"datePublished": "2024-10-09T17:04:56.867Z",
"dateReserved": "2024-10-03T11:35:14.299Z",
"dateUpdated": "2024-10-18T11:52:07.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9466 (GCVE-0-2024-9466)
Vulnerability from nvd – Published: 2024-10-09 17:04 – Updated: 2025-09-04 15:09
Title
Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure
Summary
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T15:09:36.928721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T15:09:40.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:51:31.525Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eThe affected cleartext file will be removed automatically during the upgrade.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nThe affected cleartext file will be removed automatically during the upgrade.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9466",
"datePublished": "2024-10-09T17:04:36.252Z",
"dateReserved": "2024-10-03T11:35:13.454Z",
"dateUpdated": "2025-09-04T15:09:40.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9465 (GCVE-0-2024-9465)
Vulnerability from nvd – Published: 2024-10-09 17:04 – Updated: 2025-10-21 22:55
Title
Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9465",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T03:55:58.218772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:42.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00+00:00",
"value": "CVE-2024-9465 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-108",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-108 Command Line Execution through SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:50:43.190Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e\u003cbr\u003eYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\u003cbr\u003e\u003cbr\u003e\u0026nbsp; \u0026nbsp; mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\u003cbr\u003e\u003cbr\u003eIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"value": "Ensure network access to Expedition is restricted to authorized users, hosts, or networks.\n\nYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\n\n\u00a0 \u00a0 mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\n\nIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9465",
"datePublished": "2024-10-09T17:04:01.720Z",
"dateReserved": "2024-10-03T11:35:12.544Z",
"dateUpdated": "2025-10-21T22:55:42.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9464 (GCVE-0-2024-9464)
Vulnerability from nvd – Published: 2024-10-09 17:03 – Updated: 2024-10-18 15:40
Title
Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9464",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T15:39:19.519145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T15:40:20.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:49:42.767Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9464",
"datePublished": "2024-10-09T17:03:33.904Z",
"dateReserved": "2024-10-03T11:35:11.680Z",
"dateUpdated": "2024-10-18T15:40:20.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9463 (GCVE-0-2024-9463)
Vulnerability from nvd – Published: 2024-10-09 17:03 – Updated: 2025-10-21 22:55
Title
Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. Note: the vendor (CNA) text in the record below states that Palo Alto Networks was not aware of malicious exploitation at publication (2024-10-09); CISA subsequently added this CVE to its Known Exploited Vulnerabilities catalog on 2024-11-14, and the CISA SSVC assessment in the same record marks Exploitation: active. Treat it as exploited in the wild, upgrade to 1.2.96 or later, and follow the vendor solution to rotate all Expedition credentials and all firewall usernames, passwords and API keys that Expedition processed.
Severity: CVSS v4.0 base score 9.9 (CRITICAL), vendor-supplied vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber. Note the discrepancy in the record: the vendor vector marks the issue as not automatable (AU:N), whereas the CISA SSVC assessment records Automatable: yes and Exploitation: active.
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner: Palo Alto Networks (CNA short name palo_alto)
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/PAN-SA-2024-0010 | vendor-advisory |
| https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463 | government-resource (CISA KEV, added 2024-11-14) |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* 
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Credits
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9463",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T03:55:56.863014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:42.730Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00+00:00",
"value": "CVE-2024-9463 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:47:33.445Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e"
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9463",
"datePublished": "2024-10-09T17:03:12.012Z",
"dateReserved": "2024-10-03T11:35:09.867Z",
"dateUpdated": "2025-10-21T22:55:42.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5910 (GCVE-0-2024-5910)
Vulnerability from nvd – Published: 2024-07-10 18:39 – Updated: 2025-10-21 22:55
Title
Expedition: Missing Authentication Leads to Admin Account Takeover
Summary
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.
Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition are at risk due to this issue. Two caveats a practitioner should take from this record: (1) the vendor text states no exploitation was known at publication (2024-07-10), but CISA added this CVE to its Known Exploited Vulnerabilities catalog on 2024-11-07 with an SSVC assessment of Exploitation: active and Automatable: yes, so treat it as exploited; and because an admin takeover exposes every secret Expedition holds, consider rotating the firewall credentials and API keys it processed, as the later advisory PAN-SA-2024-0010 recommends for the related issues. (2) The fix version 1.2.92 is itself inside the affected range of CVE-2024-9463 and CVE-2024-9464 (fixed in 1.2.96, see those records above), so upgrade to 1.2.96 or later rather than stopping at 1.2.92.
Severity: CVSS v4.0 base score 9.3 (CRITICAL), vendor-supplied vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/AU:Y/R:U/V:D/RE:M/U:Red (vendor urgency Red; unauthenticated, network-reachable, no user interaction).
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner: Palo Alto Networks (CNA short name palo_alto)
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-5910 | vendor-advisory |
| https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise | untagged in the record (third-party research write-up) |
| https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5910 | government-resource (CISA KEV, added 2024-11-07) |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2 , < 1.2.92
(custom)
|
Credits
Brian Hysell (Synopsys CyRC)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.92",
"status": "affected",
"version": "1.2",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5910",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T04:55:50.697197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-07",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5910"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:49.276Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5910"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-07T00:00:00+00:00",
"value": "CVE-2024-5910 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-11-08T16:40:17.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5910"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.92",
"status": "unaffected"
}
],
"lessThan": "1.2.92",
"status": "affected",
"version": "1.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brian Hysell (Synopsys CyRC)"
}
],
"datePublic": "2024-07-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.\u003cbr\u003e\u003cbr\u003eNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue."
}
],
"value": "Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.\n\nNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/AU:Y/R:U/V:D/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T18:39:26.006Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5910"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.92 and all later versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in Expedition 1.2.92 and all later versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Missing Authentication Leads to Admin Account Takeover",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e"
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-5910",
"datePublished": "2024-07-10T18:39:26.006Z",
"dateReserved": "2024-06-12T15:27:55.854Z",
"dateUpdated": "2025-10-21T22:55:49.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1571 (GCVE-0-2019-1571)
Vulnerability from nvd – Published: 2019-03-26 22:08 – Updated: 2024-08-04 18:20
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings.
Severity ?
No CVSS data available.
CWE
- Cross-site scripting
Assigner: Palo Alto Networks (CNA short name palo_alto)
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool |
Affected:
Expedition 1.1.8 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T22:09:16",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1571",
"datePublished": "2019-03-26T22:08:44",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-08-04T18:20:27.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1570 (GCVE-0-2019-1570)
Vulnerability from nvd – Published: 2019-03-26 21:46 – Updated: 2024-08-04 18:20
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
Severity ?
No CVSS data available.
CWE
- Cross-site scripting
Assigner: Palo Alto Networks (CNA short name palo_alto)
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool |
Affected:
Expedition 1.1.8 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T21:51:10",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1570",
"datePublished": "2019-03-26T21:46:42",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-08-04T18:20:28.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1569 (GCVE-0-2019-1569)
Vulnerability from nvd – Published: 2019-03-26 21:44 – Updated: 2024-08-04 18:20
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
Severity ?
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool | Affected: Expedition 1.1.8 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T21:50:25",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
},
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "MISC",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1569",
"datePublished": "2019-03-26T21:44:41",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-08-04T18:20:27.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10143 (GCVE-0-2018-10143)
Vulnerability from nvd – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:32
Summary
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Palo Alto Networks | Palo Alto Networks Expedition | Affected: Expedition 1.0.107 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:32:01.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106174",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106174"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2018-10143"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "Expedition 1.0.107 and earlier"
}
]
}
],
"datePublic": "2018-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-17T16:03:46",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"name": "106174",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106174"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.paloaltonetworks.com/CVE-2018-10143"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2018-10143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition",
"version": {
"version_data": [
{
"version_value": "Expedition 1.0.107 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106174"
},
{
"name": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/",
"refsource": "MISC",
"url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
},
{
"name": "https://security.paloaltonetworks.com/CVE-2018-10143",
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2018-10143"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2018-10143",
"datePublished": "2018-12-12T00:00:00",
"dateReserved": "2018-04-16T00:00:00",
"dateUpdated": "2024-08-05T07:32:01.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}