cvelistv5 - cve-2024-9464

CVE-2024-9464 (GCVE-0-2024-9464)

Vulnerability from cvelistv5 – Published: 2024-10-09 17:03 – Updated: 2024-10-18 15:40

Summary

An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

Severity ?

9.3 (Critical)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Assigner

palo_alto

References

URL

Tags

	https://security.paloaltonetworks.com/PAN-SA-2024-0010	vendor-advisory
	https://www.horizon3.ai/attack-research/palo-alto…	exploit

Impacted products

	Vendor	Product	Version
	Palo Alto Networks	Expedition	Affected: 1.2.0 , < 1.2.96 (custom) cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-::::::

Credits

Zach Hanley (@hacks_zach) of Horizon3.ai Enrique Castillo of Palo Alto Networks

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "expedition",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "1.2.96",
                "status": "affected",
                "version": "1.2.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9464",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-18T15:39:19.519145Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-18T15:40:20.097Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Expedition",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.2.96",
                  "status": "unaffected"
                }
              ],
              "lessThan": "1.2.96",
              "status": "affected",
              "version": "1.2.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Enrique Castillo of Palo Alto Networks"
        }
      ],
      "datePublic": "2024-10-09T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
            }
          ],
          "value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-18T11:49:42.767Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
            }
          ],
          "value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-09T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
            }
          ],
          "value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-9464",
    "datePublished": "2024-10-09T17:03:33.904Z",
    "dateReserved": "2024-10-03T11:35:11.680Z",
    "dateUpdated": "2024-10-18T15:40:20.097Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.2.0\", \"versionEndExcluding\": \"1.2.96\", \"matchCriteriaId\": \"13E7A504-08F4-40E4-9FF5-A707DAF6708A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de inyecci\\u00f3n de comandos del sistema operativo en Palo Alto Networks Expedition permite a un atacante autenticado ejecutar comandos del sistema operativo arbitrarios como root en Expedition, lo que resulta en la divulgaci\\u00f3n de nombres de usuario, contrase\\u00f1as de texto plano, configuraciones de dispositivos y claves API de dispositivos de firewalls PAN-OS.\"}]",
      "id": "CVE-2024-9464",
      "lastModified": "2024-10-17T06:15:04.190",
      "metrics": "{\"cvssMetricV40\": [{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber\", \"baseScore\": 9.3, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"HIGH\", \"subsequentSystemConfidentiality\": \"HIGH\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NO\", \"recovery\": \"USER\", \"valueDensity\": \"CONCENTRATED\", \"vulnerabilityResponseEffort\": \"HIGH\", \"providerUrgency\": \"AMBER\"}}], \"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}]}",
      "published": "2024-10-09T17:15:20.170",
      "references": "[{\"url\": \"https://security.paloaltonetworks.com/PAN-SA-2024-0010\", \"source\": \"psirt@paloaltonetworks.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/\", \"source\": \"psirt@paloaltonetworks.com\"}]",
      "sourceIdentifier": "psirt@paloaltonetworks.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-9464\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2024-10-09T17:15:20.170\",\"lastModified\":\"2024-10-17T06:15:04.190\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en Palo Alto Networks Expedition permite a un atacante autenticado ejecutar comandos del sistema operativo arbitrarios como root en Expedition, lo que resulta en la divulgaci\u00f3n de nombres de usuario, contrase\u00f1as de texto plano, configuraciones de dispositivos y claves API de dispositivos de firewalls PAN-OS.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NO\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"HIGH\",\"providerUrgency\":\"AMBER\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.2.0\",\"versionEndExcluding\":\"1.2.96\",\"matchCriteriaId\":\"13E7A504-08F4-40E4-9FF5-A707DAF6708A\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/PAN-SA-2024-0010\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/\",\"source\":\"psirt@paloaltonetworks.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-9464\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-18T15:39:19.519145Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*\"], \"vendor\": \"paloaltonetworks\", \"product\": \"expedition\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.2.0\", \"lessThan\": \"1.2.96\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-09T18:11:24.728Z\"}}], \"cna\": {\"title\": \"Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Zach Hanley (@hacks_zach) of Horizon3.ai\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Enrique Castillo of Palo Alto Networks\"}], \"impacts\": [{\"capecId\": \"CAPEC-88\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-88 OS Command Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 9.3, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"Expedition\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"1.2.96\", \"status\": \"unaffected\"}], \"version\": \"1.2.0\", \"lessThan\": \"1.2.96\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of these issues.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of these issues.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-10-09T16:00:00.000Z\", \"value\": \"Initial publication\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\\n\\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\\n\\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating.\", \"base64\": false}]}], \"datePublic\": \"2024-10-09T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/PAN-SA-2024-0010\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/\", \"tags\": [\"exploit\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2024-10-18T11:49:42.767Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-9464\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-18T15:40:20.097Z\", \"dateReserved\": \"2024-10-03T11:35:11.680Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2024-10-09T17:03:33.904Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

NCSC-2024-0405

Vulnerability from csaf_ncscnl - Published: 2024-10-10 12:02 - Updated: 2024-10-10 12:02

Summary

Kwetsbaarheden verholpen in Palo Alto Expedition

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Palo Alto heeft kwetsbaarheden verholpen in Expedition.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om op afstand, zonder voorafgaande authenticatie, willekeurige code uit te voeren op het systeem waarop Expedition draait en zo mogelijk aan logingegevens en API-keys te komen. Expedition is een migratietool om de configuratie van firewalls van derde partijen te converteren en importeren naar systemen die draaien op PAN-OS. Expedition is onder normale omstandigheden niet actief op een firewall van Palo Alto, maar dient apart opgestart te worden voor migratiedoeleinden.

Oplossingen

Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-532

Insertion of Sensitive Information into Log File

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Palo Alto heeft kwetsbaarheden verholpen in Expedition.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om op afstand, zonder voorafgaande authenticatie, willekeurige code uit te voeren op het systeem waarop Expedition draait en zo mogelijk aan logingegevens en API-keys te komen.\n\nExpedition is een migratietool om de configuratie van firewalls van derde partijen te converteren en importeren naar systemen die draaien op PAN-OS.\n\nExpedition is onder normale omstandigheden niet actief op een firewall van Palo Alto, maar dient apart opgestart te worden voor migratiedoeleinden.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
        "title": "CWE-78"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
        "title": "CWE-89"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd",
        "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Palo Alto Expedition",
    "tracking": {
      "current_release_date": "2024-10-10T12:02:12.890277Z",
      "id": "NCSC-2024-0405",
      "initial_release_date": "2024-10-10T12:02:12.890277Z",
      "revision_history": [
        {
          "date": "2024-10-10T12:02:12.890277Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1668275",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:palo_alto_networks:expedition:1.2.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "palo_alto_networks"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499682",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499745",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.10:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499668",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.11:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499694",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.12:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499710",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.13:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499734",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.14:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499658",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499671",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.16:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499690",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.17:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499714",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.18:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499746",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.19:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499708",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499727",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.20:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499702",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.21:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499686",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.22:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499698",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.23:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499677",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.24:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499744",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.25:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499715",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.26:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499680",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.27:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499660",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.28:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499733",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.29:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499732",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499721",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.30:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499743",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.31:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499665",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.32:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499687",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.33:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499711",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.34:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499724",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.35:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499657",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.36:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499672",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.37:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499691",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.38:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499722",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.39:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499738",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499662",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.40:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499728",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.41:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499704",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.42:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499685",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.43:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499697",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.44:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499678",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.45:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499735",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.46:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499706",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.47:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499683",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.48:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499664",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.49:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499675",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499701",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.50:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499718",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.51:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499739",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.52:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499666",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.53:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499688",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.54:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499713",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.55:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499726",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.56:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499655",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.57:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499673",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.58:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499699",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.59:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499681",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499661",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.60:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499663",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.61:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499729",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.62:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499705",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.63:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499684",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.64:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499695",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.65:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499669",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.66:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499736",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.67:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499707",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.68:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499679",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.69:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499723",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499716",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.70:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499700",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.71:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499717",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.72:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499740",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.73:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499667",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.74:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499689",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.75:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499712",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.76:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499725",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.77:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499656",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.78:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499676",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.79:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499742",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499731",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.80:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499659",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.81:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499692",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.82:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499730",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.83:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499703",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.84:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499719",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.85:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499696",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.86:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499670",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.87:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499741",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.88:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499709",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.89:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499674",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499737",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.90:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499720",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.91:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1501062",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.92:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1668297",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.93:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1668295",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.94:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1668296",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.95:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "expedition",
            "product": {
              "name": "expedition",
              "product_id": "CSAFPID-1499693",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:expedition:1.2.9:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "paloaltonetworks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-9463",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1668275"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9463",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9463.json"
        }
      ],
      "title": "CVE-2024-9463"
    },
    {
      "cve": "CVE-2024-9464",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1668275"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9464",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9464.json"
        }
      ],
      "title": "CVE-2024-9464"
    },
    {
      "cve": "CVE-2024-9465",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
          "title": "CWE-89"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1668275"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9465",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9465.json"
        }
      ],
      "title": "CVE-2024-9465"
    },
    {
      "cve": "CVE-2024-9466",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1668275"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9466",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9466.json"
        }
      ],
      "title": "CVE-2024-9466"
    },
    {
      "cve": "CVE-2024-9467",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1668275"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9467",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9467.json"
        }
      ],
      "title": "CVE-2024-9467"
    }
  ]
}

FKIE_CVE-2024-9464

Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2024-10-17 06:15

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/PAN-SA-2024-0010	Vendor Advisory
	psirt@paloaltonetworks.com	https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Impacted products

	Vendor	Product	Version
	paloaltonetworks	expedition	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
              "versionEndExcluding": "1.2.96",
              "versionStartIncluding": "1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en Palo Alto Networks Expedition permite a un atacante autenticado ejecutar comandos del sistema operativo arbitrarios como root en Expedition, lo que resulta en la divulgaci\u00f3n de nombres de usuario, contrase\u00f1as de texto plano, configuraciones de dispositivos y claves API de dispositivos de firewalls PAN-OS."
    }
  ],
  "id": "CVE-2024-9464",
  "lastModified": "2024-10-17T06:15:04.190",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "USER",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 9.3,
          "baseSeverity": "CRITICAL",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "AMBER",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "HIGH",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "CONCENTRATED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "HIGH"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-09T17:15:20.170",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
    },
    {
      "source": "psirt@paloaltonetworks.com",
      "url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-R7WF-FPFF-W68Q

Vulnerability from github – Published: 2024-10-09 18:31 – Updated: 2024-10-17 06:30

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

9.3 (Critical)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-9464"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-09T17:15:20Z",
    "severity": "CRITICAL"
  },
  "details": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.",
  "id": "GHSA-r7wf-fpff-w68q",
  "modified": "2024-10-17T06:30:32Z",
  "published": "2024-10-09T18:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9464"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
    },
    {
      "type": "WEB",
      "url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Red",
      "type": "CVSS_V4"
    }
  ]
}

CERTFR-2024-AVI-0859

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Palo Alto Networks	Cortex XSOAR	Cortex XSOAR versions antérieures à 6.12.0 (Build 1271551)
Palo Alto Networks	PAN-OS	PAN-OS versions 11.0 antérieures à 11.0.6
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.9-x antérieures à 10.2.9-h11
Palo Alto Networks	Expedition	Expedition versions antérieures à 1.2.96
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions antérieures à 6.2.5 sur Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.10-x antérieures à 10.2.10-h4
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions antérieures à 7.9.102-CE sur Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 11.0.4-x antérieures à 11.0.4-h5
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions 8.4.x antérieures à 8.4.1 sur Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2 antérieures à 10.2.11
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1 antérieures à 11.1.3
Palo Alto Networks	Prisma Access	Prisma Access Browser versions antérieures à 129.101.2913.3
Palo Alto Networks	PAN-OS	PAN-OS versions 10.1 antérieures à 10.1.11
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions 8.3.x antérieures à 8.3.1 sur Windows

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks PAN-SA-2024-0010	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-SA-2024-0011	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CPATR-23347	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks GPC-19493 et GPC-21211	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-244840	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-217511 et PAN-152631	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CRTX-105114	2024-10-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cortex XSOAR versions ant\u00e9rieures \u00e0 6.12.0 (Build 1271551)",
      "product": {
        "name": "Cortex XSOAR",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.0 ant\u00e9rieures \u00e0 11.0.6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.9-x ant\u00e9rieures \u00e0 10.2.9-h11",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Expedition versions ant\u00e9rieures \u00e0 1.2.96",
      "product": {
        "name": "Expedition",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions ant\u00e9rieures \u00e0 6.2.5 sur Windows",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.10-x ant\u00e9rieures \u00e0 10.2.10-h4",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions ant\u00e9rieures \u00e0 7.9.102-CE sur Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.0.4-x ant\u00e9rieures \u00e0 11.0.4-h5",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions 8.4.x ant\u00e9rieures \u00e0 8.4.1 sur Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2 ant\u00e9rieures \u00e0 10.2.11",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1 ant\u00e9rieures \u00e0 11.1.3",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 129.101.2913.3",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.1 ant\u00e9rieures \u00e0 10.1.11",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions 8.3.x ant\u00e9rieures \u00e0 8.3.1 sur Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-9468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9468"
    },
    {
      "name": "CVE-2024-8909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8909"
    },
    {
      "name": "CVE-2024-9603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9603"
    },
    {
      "name": "CVE-2024-8905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8905"
    },
    {
      "name": "CVE-2024-7025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7025"
    },
    {
      "name": "CVE-2024-8906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8906"
    },
    {
      "name": "CVE-2024-9123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9123"
    },
    {
      "name": "CVE-2024-8907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8907"
    },
    {
      "name": "CVE-2024-9469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9469"
    },
    {
      "name": "CVE-2024-9471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9471"
    },
    {
      "name": "CVE-2024-9370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9370"
    },
    {
      "name": "CVE-2024-9470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9470"
    },
    {
      "name": "CVE-2024-9463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9463"
    },
    {
      "name": "CVE-2024-9602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9602"
    },
    {
      "name": "CVE-2024-9467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9467"
    },
    {
      "name": "CVE-2024-9122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9122"
    },
    {
      "name": "CVE-2024-9464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9464"
    },
    {
      "name": "CVE-2024-9121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9121"
    },
    {
      "name": "CVE-2024-8904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8904"
    },
    {
      "name": "CVE-2024-9369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9369"
    },
    {
      "name": "CVE-2024-9120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9120"
    },
    {
      "name": "CVE-2024-9465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9465"
    },
    {
      "name": "CVE-2024-9466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9466"
    },
    {
      "name": "CVE-2024-9473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9473"
    },
    {
      "name": "CVE-2024-8908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8908"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0859",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-10-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2024-0010",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2024-0011",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0011"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CPATR-23347",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9469"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks GPC-19493 et GPC-21211",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9473"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-244840",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9468"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-217511 et PAN-152631",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9471"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CRTX-105114",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9470"
    }
  ]
}

CERTFR-2024-AVI-0859

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Palo Alto Networks	Cortex XSOAR	Cortex XSOAR versions antérieures à 6.12.0 (Build 1271551)
Palo Alto Networks	PAN-OS	PAN-OS versions 11.0 antérieures à 11.0.6
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.9-x antérieures à 10.2.9-h11
Palo Alto Networks	Expedition	Expedition versions antérieures à 1.2.96
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions antérieures à 6.2.5 sur Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.10-x antérieures à 10.2.10-h4
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions antérieures à 7.9.102-CE sur Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 11.0.4-x antérieures à 11.0.4-h5
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions 8.4.x antérieures à 8.4.1 sur Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2 antérieures à 10.2.11
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1 antérieures à 11.1.3
Palo Alto Networks	Prisma Access	Prisma Access Browser versions antérieures à 129.101.2913.3
Palo Alto Networks	PAN-OS	PAN-OS versions 10.1 antérieures à 10.1.11
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions 8.3.x antérieures à 8.3.1 sur Windows

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks PAN-SA-2024-0010	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-SA-2024-0011	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CPATR-23347	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks GPC-19493 et GPC-21211	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-244840	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-217511 et PAN-152631	2024-10-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CRTX-105114	2024-10-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cortex XSOAR versions ant\u00e9rieures \u00e0 6.12.0 (Build 1271551)",
      "product": {
        "name": "Cortex XSOAR",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.0 ant\u00e9rieures \u00e0 11.0.6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.9-x ant\u00e9rieures \u00e0 10.2.9-h11",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Expedition versions ant\u00e9rieures \u00e0 1.2.96",
      "product": {
        "name": "Expedition",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions ant\u00e9rieures \u00e0 6.2.5 sur Windows",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.10-x ant\u00e9rieures \u00e0 10.2.10-h4",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions ant\u00e9rieures \u00e0 7.9.102-CE sur Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.0.4-x ant\u00e9rieures \u00e0 11.0.4-h5",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions 8.4.x ant\u00e9rieures \u00e0 8.4.1 sur Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2 ant\u00e9rieures \u00e0 10.2.11",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1 ant\u00e9rieures \u00e0 11.1.3",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 129.101.2913.3",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.1 ant\u00e9rieures \u00e0 10.1.11",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions 8.3.x ant\u00e9rieures \u00e0 8.3.1 sur Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-9468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9468"
    },
    {
      "name": "CVE-2024-8909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8909"
    },
    {
      "name": "CVE-2024-9603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9603"
    },
    {
      "name": "CVE-2024-8905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8905"
    },
    {
      "name": "CVE-2024-7025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7025"
    },
    {
      "name": "CVE-2024-8906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8906"
    },
    {
      "name": "CVE-2024-9123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9123"
    },
    {
      "name": "CVE-2024-8907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8907"
    },
    {
      "name": "CVE-2024-9469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9469"
    },
    {
      "name": "CVE-2024-9471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9471"
    },
    {
      "name": "CVE-2024-9370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9370"
    },
    {
      "name": "CVE-2024-9470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9470"
    },
    {
      "name": "CVE-2024-9463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9463"
    },
    {
      "name": "CVE-2024-9602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9602"
    },
    {
      "name": "CVE-2024-9467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9467"
    },
    {
      "name": "CVE-2024-9122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9122"
    },
    {
      "name": "CVE-2024-9464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9464"
    },
    {
      "name": "CVE-2024-9121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9121"
    },
    {
      "name": "CVE-2024-8904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8904"
    },
    {
      "name": "CVE-2024-9369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9369"
    },
    {
      "name": "CVE-2024-9120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9120"
    },
    {
      "name": "CVE-2024-9465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9465"
    },
    {
      "name": "CVE-2024-9466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9466"
    },
    {
      "name": "CVE-2024-9473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9473"
    },
    {
      "name": "CVE-2024-8908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8908"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0859",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-10-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2024-0010",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2024-0011",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0011"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CPATR-23347",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9469"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks GPC-19493 et GPC-21211",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9473"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-244840",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9468"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-217511 et PAN-152631",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9471"
    },
    {
      "published_at": "2024-10-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CRTX-105114",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9470"
    }
  ]
}

WID-SEC-W-2024-3146

Vulnerability from csaf_certbund - Published: 2024-10-10 22:00 - Updated: 2024-11-14 23:00

Summary

PaloAlto Networks Expedition: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Palo Alto Expedition ist eine Next-Generation-Firewall (NGFW)-Plattform

Angriff

Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks Expedition ausnutzen, um beliebigen Code mit administrativen Rechten auszuführen, Daten zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen und vertrauliche Informationen preiszugeben.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "kritisch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Palo Alto Expedition ist eine Next-Generation-Firewall (NGFW)-Plattform",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks Expedition ausnutzen, um beliebigen Code mit administrativen Rechten auszuf\u00fchren, Daten zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und vertrauliche Informationen preiszugeben.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3146 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3146.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3146 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3146"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-10-10",
        "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
      },
      {
        "category": "external",
        "summary": "Horion3 Attack Blog vom 2024-10-10",
        "url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
      },
      {
        "category": "external",
        "summary": "PoC auf GitHub",
        "url": "https://github.com/horizon3ai/CVE-2024-9465"
      },
      {
        "category": "external",
        "summary": "PoC auf GitHub",
        "url": "https://github.com/horizon3ai/CVE-2024-9464"
      }
    ],
    "source_lang": "en-US",
    "title": "PaloAlto Networks Expedition: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-14T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-15T10:39:41.011+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-3146",
      "initial_release_date": "2024-10-10T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-10-10T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-11-14T23:00:00.000+00:00",
          "number": "2",
          "summary": "Aktive Ausnutzung gemeldet"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.2.96",
                "product": {
                  "name": "PaloAlto Networks Expedition \u003c1.2.96",
                  "product_id": "T038271"
                }
              },
              {
                "category": "product_version",
                "name": "1.2.96",
                "product": {
                  "name": "PaloAlto Networks Expedition 1.2.96",
                  "product_id": "T038271-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:paloaltonetworks:expedition:1.2.96"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Expedition"
          }
        ],
        "category": "vendor",
        "name": "PaloAlto Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-9463",
      "notes": [
        {
          "category": "description",
          "text": "In PaloAlto Networks Expedition bestehen mehrere Schwachstellen, die auf eine unzureichende Bereinigung von Eingaben zur\u00fcckzuf\u00fchren sind. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Betriebssystembefehle einzuschleusen und mit Root-Rechten auszuf\u00fchren, was zur Offenlegung sensibler Daten wie Benutzernamen, Klartextpassw\u00f6rtern, Ger\u00e4tekonfigurationen und API-Schl\u00fcsseln von PAN-OS-Firewalls f\u00fchrt."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038271"
        ]
      },
      "release_date": "2024-10-10T22:00:00.000+00:00",
      "title": "CVE-2024-9463"
    },
    {
      "cve": "CVE-2024-9464",
      "notes": [
        {
          "category": "description",
          "text": "In PaloAlto Networks Expedition bestehen mehrere Schwachstellen, die auf eine unzureichende Bereinigung von Eingaben zur\u00fcckzuf\u00fchren sind. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Betriebssystembefehle einzuschleusen und mit Root-Rechten auszuf\u00fchren, was zur Offenlegung sensibler Daten wie Benutzernamen, Klartextpassw\u00f6rtern, Ger\u00e4tekonfigurationen und API-Schl\u00fcsseln von PAN-OS-Firewalls f\u00fchrt."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038271"
        ]
      },
      "release_date": "2024-10-10T22:00:00.000+00:00",
      "title": "CVE-2024-9464"
    },
    {
      "cve": "CVE-2024-9465",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks Expedition aufgrund unzureichender Bereinigung, die zu SQL-Injection f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um das System zu manipulieren, beliebige Dateien zu erstellen oder zu lesen und vertrauliche Informationen wie Passwort-Hashes, Benutzernamen und Konfigurationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038271"
        ]
      },
      "release_date": "2024-10-10T22:00:00.000+00:00",
      "title": "CVE-2024-9465"
    },
    {
      "cve": "CVE-2024-9466",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks Expedition da vertrauliche Informationen im Klartext gespeichert werden. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Firewall-Benutzernamen, Passw\u00f6rter und API-Schl\u00fcssel, die mit diesen Anmeldeinformationen erstellt wurden, offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038271"
        ]
      },
      "release_date": "2024-10-10T22:00:00.000+00:00",
      "title": "CVE-2024-9466"
    },
    {
      "cve": "CVE-2024-9467",
      "notes": [
        {
          "category": "description",
          "text": "In PaloAlto Networks Expedition existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038271"
        ]
      },
      "release_date": "2024-10-10T22:00:00.000+00:00",
      "title": "CVE-2024-9467"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-9464 (GCVE-0-2024-9464)

NCSC-2024-0405

FKIE_CVE-2024-9464

GHSA-R7WF-FPFF-W68Q

CERTFR-2024-AVI-0859

Solutions

CERTFR-2024-AVI-0859

Solutions

WID-SEC-W-2024-3146

Tags

Sightings

Nomenclature