Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
48 vulnerabilities found for expedition by paloaltonetworks
FKIE_CVE-2025-0105
Vulnerability from fkie_nvd - Published: 2025-01-11 03:15 - Updated: 2026-01-23 21:56
Severity ?
Summary
An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/PAN-SA-2025-0001 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4811AB-AC99-4D98-82AA-EB2237522C4C",
"versionEndExcluding": "1.2.101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "psirt@paloaltonetworks.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem."
},
{
"lang": "es",
"value": "Una vulnerabilidad de eliminaci\u00f3n arbitraria de archivos en Palo Alto Networks Expedition permite a un atacante no autenticado eliminar archivos arbitrarios accesibles al usuario www-data en el sistema de archivos del host."
}
],
"id": "CVE-2025-0105",
"lastModified": "2026-01-23T21:56:51.683",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2025-01-11T03:15:22.317",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-73"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-0104
Vulnerability from fkie_nvd - Published: 2025-01-11 03:15 - Updated: 2026-01-23 22:03
Severity ?
Summary
A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/PAN-SA-2025-0001 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4811AB-AC99-4D98-82AA-EB2237522C4C",
"versionEndExcluding": "1.2.101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "psirt@paloaltonetworks.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user\u2019s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross-site scripting (XSS) reflejado en Palo Alto Networks Expedition permite a los atacantes ejecutar c\u00f3digo JavaScript malicioso en el contexto del navegador de un usuario autenticado de Expedition si ese usuario autenticado hace clic en un enlace malicioso que permite ataques de phishing y podr\u00eda conducir al robo de la sesi\u00f3n del navegador de Expedition."
}
],
"id": "CVE-2025-0104",
"lastModified": "2026-01-23T22:03:41.863",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2025-01-11T03:15:22.183",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-0103
Vulnerability from fkie_nvd - Published: 2025-01-11 03:15 - Updated: 2026-01-23 22:03
Severity ?
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/PAN-SA-2025-0001 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4811AB-AC99-4D98-82AA-EB2237522C4C",
"versionEndExcluding": "1.2.101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "psirt@paloaltonetworks.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en Palo Alto Networks Expedition permite a un atacante autenticado revelar el contenido de la base de datos de Expedition, como hashes de contrase\u00f1as, nombres de usuario, configuraciones de dispositivos y claves API de dispositivos. Esta vulnerabilidad tambi\u00e9n permite a los atacantes crear y leer archivos arbitrarios en el sistema Expedition."
}
],
"id": "CVE-2025-0103",
"lastModified": "2026-01-23T22:03:57.657",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2025-01-11T03:15:22.020",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-0107
Vulnerability from fkie_nvd - Published: 2025-01-11 03:15 - Updated: 2026-01-23 21:50
Severity ?
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/PAN-SA-2025-0001 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4811AB-AC99-4D98-82AA-EB2237522C4C",
"versionEndExcluding": "1.2.101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "psirt@paloaltonetworks.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en Palo Alto Networks Expedition permite a un atacante autenticado ejecutar comandos del sistema operativo arbitrarios como el usuario www-data en Expedition, lo que resulta en la divulgaci\u00f3n de nombres de usuario, contrase\u00f1as de texto plano, configuraciones de dispositivos y claves API de dispositivos para firewalls que ejecutan software PAN-OS."
}
],
"id": "CVE-2025-0107",
"lastModified": "2026-01-23T21:50:52.630",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2025-01-11T03:15:22.637",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-0106
Vulnerability from fkie_nvd - Published: 2025-01-11 03:15 - Updated: 2026-01-23 21:52
Severity ?
Summary
A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/PAN-SA-2025-0001 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4811AB-AC99-4D98-82AA-EB2237522C4C",
"versionEndExcluding": "1.2.101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "psirt@paloaltonetworks.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem."
},
{
"lang": "es",
"value": "Una vulnerabilidad de expansi\u00f3n de comodines en Palo Alto Networks Expedition permite a un atacante no autenticado enumerar archivos en el sistema de archivos del host."
}
],
"id": "CVE-2025-0106",
"lastModified": "2026-01-23T21:52:57.930",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2025-01-11T03:15:22.490",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-155"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-9466
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2024-10-17 06:15
Severity ?
Summary
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad de almacenamiento de texto plano de informaci\u00f3n confidencial en Palo Alto Networks Expedition permite a un atacante autenticado revelar nombres de usuario, contrase\u00f1as y claves API del firewall generadas con esas credenciales."
}
],
"id": "CVE-2024-9466",
"lastModified": "2024-10-17T06:15:04.720",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:20.400",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"source": "psirt@paloaltonetworks.com",
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-9467
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2024-10-15 15:09
Severity ?
Summary
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/PAN-SA-2024-0010 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
},
{
"lang": "es",
"value": "Una vulnerabilidad XSS reflejado en Palo Alto Networks Expedition permite la ejecuci\u00f3n de JavaScript malicioso en el contexto del navegador de un usuario autenticado de Expedition si ese usuario hace clic en un enlace malicioso, lo que permite ataques de phishing que podr\u00edan conducir al robo de sesiones del navegador de Expedition."
}
],
"id": "CVE-2024-9467",
"lastModified": "2024-10-15T15:09:13.297",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:20.517",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-9464
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2024-10-17 06:15
Severity ?
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en Palo Alto Networks Expedition permite a un atacante autenticado ejecutar comandos del sistema operativo arbitrarios como root en Expedition, lo que resulta en la divulgaci\u00f3n de nombres de usuario, contrase\u00f1as de texto plano, configuraciones de dispositivos y claves API de dispositivos de firewalls PAN-OS."
}
],
"id": "CVE-2024-9464",
"lastModified": "2024-10-17T06:15:04.190",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:20.170",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"source": "psirt@paloaltonetworks.com",
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-9465
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2025-11-04 16:49
Severity ?
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"cisaActionDue": "2024-12-05",
"cisaExploitAdd": "2024-11-14",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Palo Alto Networks Expedition SQL Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en Expedition de Palo Alto Networks permite a un atacante no autenticado revelar el contenido de la base de datos de Expedition, como hashes de contrase\u00f1as, nombres de usuario, configuraciones de dispositivos y claves API de dispositivos. Con esto, los atacantes tambi\u00e9n pueden crear y leer archivos arbitrarios en el sistema Expedition."
}
],
"id": "CVE-2024-9465",
"lastModified": "2025-11-04T16:49:01.677",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:20.287",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-9463
Vulnerability from fkie_nvd - Published: 2024-10-09 17:15 - Updated: 2025-11-04 16:48
Severity ?
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/PAN-SA-2024-0010 | Mitigation, Vendor Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463 | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | expedition | * |
{
"cisaActionDue": "2024-12-05",
"cisaExploitAdd": "2024-11-14",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Palo Alto Networks Expedition OS Command Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7A504-08F4-40E4-9FF5-A707DAF6708A",
"versionEndExcluding": "1.2.96",
"versionStartIncluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en Palo Alto Networks Expedition permite a un atacante no autenticado ejecutar comandos arbitrarios del sistema operativo como root en Expedition, lo que resulta en la divulgaci\u00f3n de nombres de usuario, contrase\u00f1as de texto plano, configuraciones de dispositivos y claves API de dispositivos de firewalls PAN-OS."
}
],
"id": "CVE-2024-9463",
"lastModified": "2025-11-04T16:48:57.193",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-10-09T17:15:19.973",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-0107 (GCVE-0-2025-0107)
Vulnerability from cvelistv5 – Published: 2025-01-11 03:02 – Updated: 2025-01-24 04:56 Unsupported When Assigned
VLAI?
Title
Expedition: OS Command Injection Vulnerability
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
An independent security researcher working with SSD Secure Disclosure
Advanced Research Team, CrowdStrike
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0107",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T04:56:01.054Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.100",
"status": "unaffected"
}
],
"lessThan": "1.2.100",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "An independent security researcher working with SSD Secure Disclosure"
},
{
"lang": "en",
"type": "finder",
"value": "Advanced Research Team, CrowdStrike"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T22:23:29.276Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
},
{
"lang": "en",
"time": "2025-01-15T00:30:00.000Z",
"value": "Corrected the CVSS score to note that authentication is not needed"
}
],
"title": "Expedition: OS Command Injection Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0107",
"datePublished": "2025-01-11T03:02:49.517Z",
"dateReserved": "2024-12-20T23:23:09.397Z",
"dateUpdated": "2025-01-24T04:56:01.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0106 (GCVE-0-2025-0106)
Vulnerability from cvelistv5 – Published: 2025-01-11 03:02 – Updated: 2025-01-13 19:48 Unsupported When Assigned
VLAI?
Title
Expedition: Wildcard Expansion Vulnerability
Summary
A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem.
Severity ?
CWE
- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
Advanced Research Team, CrowdStrike
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0106",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:48:34.201820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T19:48:42.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.101",
"status": "unaffected"
}
],
"lessThan": "1.2.101",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Advanced Research Team, CrowdStrike"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem."
}
],
"value": "A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-127",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-127 Directory Indexing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155 Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-11T03:02:24.574Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Wildcard Expansion Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0106",
"datePublished": "2025-01-11T03:02:24.574Z",
"dateReserved": "2024-12-20T23:23:08.270Z",
"dateUpdated": "2025-01-13T19:48:42.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0105 (GCVE-0-2025-0105)
Vulnerability from cvelistv5 – Published: 2025-01-11 03:01 – Updated: 2025-01-13 19:50 Unsupported When Assigned
VLAI?
Title
Expedition: Arbitrary File Deletion Vulnerability
Summary
An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem.
Severity ?
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
Advanced Research Team, CrowdStrike
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0105",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:50:27.951601Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T19:50:31.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.101",
"status": "unaffected"
}
],
"lessThan": "1.2.101",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Advanced Research Team, CrowdStrike"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem."
}
],
"value": "An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-11T03:01:24.168Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Arbitrary File Deletion Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0105",
"datePublished": "2025-01-11T03:01:24.168Z",
"dateReserved": "2024-12-20T23:23:06.874Z",
"dateUpdated": "2025-01-13T19:50:31.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0104 (GCVE-0-2025-0104)
Vulnerability from cvelistv5 – Published: 2025-01-11 03:00 – Updated: 2025-01-13 19:51 Unsupported When Assigned
VLAI?
Title
Expedition: Cross-Site Scripting (XSS) Vulnerability
Summary
A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
Mesut Cetin of RedTeamer IT Security
Advanced Research Team, CrowdStrike
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0104",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:51:18.710027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T19:51:27.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.100",
"status": "unaffected"
}
],
"lessThan": "1.2.100",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mesut Cetin of RedTeamer IT Security"
},
{
"lang": "en",
"type": "finder",
"value": "Advanced Research Team, CrowdStrike"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user\u2019s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user\u2019s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-11T03:00:40.318Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Cross-Site Scripting (XSS) Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0104",
"datePublished": "2025-01-11T03:00:40.318Z",
"dateReserved": "2024-12-20T23:23:02.943Z",
"dateUpdated": "2025-01-13T19:51:27.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0103 (GCVE-0-2025-0103)
Vulnerability from cvelistv5 – Published: 2025-01-11 02:59 – Updated: 2025-01-13 19:52 Unsupported When Assigned
VLAI?
Title
Expedition: SQL Injection Vulnerability
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
Mesut Cetin of RedTeamer IT Security
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0103",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:52:37.496583Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T19:52:47.949Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.100",
"status": "unaffected"
}
],
"lessThan": "1.2.100",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mesut Cetin of RedTeamer IT Security"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system."
}
],
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-11T02:59:51.177Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: SQL Injection Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0103",
"datePublished": "2025-01-11T02:59:51.177Z",
"dateReserved": "2024-12-20T23:22:57.417Z",
"dateUpdated": "2025-01-13T19:52:47.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9467 (GCVE-0-2024-9467)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:04 – Updated: 2024-10-18 11:52
VLAI?
Title
Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure
Summary
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:09:44.149342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:10:00.314Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:52:07.963Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9467",
"datePublished": "2024-10-09T17:04:56.867Z",
"dateReserved": "2024-10-03T11:35:14.299Z",
"dateUpdated": "2024-10-18T11:52:07.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9466 (GCVE-0-2024-9466)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:04 – Updated: 2025-09-04 15:09
VLAI?
Title
Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure
Summary
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T15:09:36.928721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T15:09:40.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:51:31.525Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eThe affected cleartext file will be removed automatically during the upgrade.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nThe affected cleartext file will be removed automatically during the upgrade.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9466",
"datePublished": "2024-10-09T17:04:36.252Z",
"dateReserved": "2024-10-03T11:35:13.454Z",
"dateUpdated": "2025-09-04T15:09:40.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9465 (GCVE-0-2024-9465)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:04 – Updated: 2025-10-21 22:55
VLAI?
Title
Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9465",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T03:55:58.218772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:42.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00.000Z",
"value": "CVE-2024-9465 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-108",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-108 Command Line Execution through SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:50:43.190Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e\u003cbr\u003eYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\u003cbr\u003e\u003cbr\u003e\u0026nbsp; \u0026nbsp; mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\u003cbr\u003e\u003cbr\u003eIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\n\nYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\n\n\u00a0 \u00a0 mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\n\nIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9465",
"datePublished": "2024-10-09T17:04:01.720Z",
"dateReserved": "2024-10-03T11:35:12.544Z",
"dateUpdated": "2025-10-21T22:55:42.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9464 (GCVE-0-2024-9464)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:03 – Updated: 2024-10-18 15:40
VLAI?
Title
Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9464",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T15:39:19.519145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T15:40:20.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:49:42.767Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9464",
"datePublished": "2024-10-09T17:03:33.904Z",
"dateReserved": "2024-10-03T11:35:11.680Z",
"dateUpdated": "2024-10-18T15:40:20.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9463 (GCVE-0-2024-9463)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:03 – Updated: 2025-10-21 22:55
VLAI?
Title
Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9463",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T03:55:56.863014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:42.730Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00.000Z",
"value": "CVE-2024-9463 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:47:33.445Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e"
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9463",
"datePublished": "2024-10-09T17:03:12.012Z",
"dateReserved": "2024-10-03T11:35:09.867Z",
"dateUpdated": "2025-10-21T22:55:42.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0107 (GCVE-0-2025-0107)
Vulnerability from nvd – Published: 2025-01-11 03:02 – Updated: 2025-01-24 04:56 Unsupported When Assigned
VLAI?
Title
Expedition: OS Command Injection Vulnerability
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
An independent security researcher working with SSD Secure Disclosure
Advanced Research Team, CrowdStrike
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0107",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T04:56:01.054Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.100",
"status": "unaffected"
}
],
"lessThan": "1.2.100",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "An independent security researcher working with SSD Secure Disclosure"
},
{
"lang": "en",
"type": "finder",
"value": "Advanced Research Team, CrowdStrike"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T22:23:29.276Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
},
{
"lang": "en",
"time": "2025-01-15T00:30:00.000Z",
"value": "Corrected the CVSS score to note that authentication is not needed"
}
],
"title": "Expedition: OS Command Injection Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0107",
"datePublished": "2025-01-11T03:02:49.517Z",
"dateReserved": "2024-12-20T23:23:09.397Z",
"dateUpdated": "2025-01-24T04:56:01.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0106 (GCVE-0-2025-0106)
Vulnerability from nvd – Published: 2025-01-11 03:02 – Updated: 2025-01-13 19:48 Unsupported When Assigned
VLAI?
Title
Expedition: Wildcard Expansion Vulnerability
Summary
A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem.
Severity ?
CWE
- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
Advanced Research Team, CrowdStrike
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0106",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:48:34.201820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T19:48:42.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.101",
"status": "unaffected"
}
],
"lessThan": "1.2.101",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Advanced Research Team, CrowdStrike"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem."
}
],
"value": "A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-127",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-127 Directory Indexing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155 Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-11T03:02:24.574Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Wildcard Expansion Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0106",
"datePublished": "2025-01-11T03:02:24.574Z",
"dateReserved": "2024-12-20T23:23:08.270Z",
"dateUpdated": "2025-01-13T19:48:42.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0105 (GCVE-0-2025-0105)
Vulnerability from nvd – Published: 2025-01-11 03:01 – Updated: 2025-01-13 19:50 Unsupported When Assigned
VLAI?
Title
Expedition: Arbitrary File Deletion Vulnerability
Summary
An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem.
Severity ?
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
Advanced Research Team, CrowdStrike
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0105",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:50:27.951601Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T19:50:31.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.101",
"status": "unaffected"
}
],
"lessThan": "1.2.101",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Advanced Research Team, CrowdStrike"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem."
}
],
"value": "An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-11T03:01:24.168Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Arbitrary File Deletion Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0105",
"datePublished": "2025-01-11T03:01:24.168Z",
"dateReserved": "2024-12-20T23:23:06.874Z",
"dateUpdated": "2025-01-13T19:50:31.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0104 (GCVE-0-2025-0104)
Vulnerability from nvd – Published: 2025-01-11 03:00 – Updated: 2025-01-13 19:51 Unsupported When Assigned
VLAI?
Title
Expedition: Cross-Site Scripting (XSS) Vulnerability
Summary
A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
Mesut Cetin of RedTeamer IT Security
Advanced Research Team, CrowdStrike
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0104",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:51:18.710027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T19:51:27.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.100",
"status": "unaffected"
}
],
"lessThan": "1.2.100",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mesut Cetin of RedTeamer IT Security"
},
{
"lang": "en",
"type": "finder",
"value": "Advanced Research Team, CrowdStrike"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user\u2019s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user\u2019s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-11T03:00:40.318Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Cross-Site Scripting (XSS) Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0104",
"datePublished": "2025-01-11T03:00:40.318Z",
"dateReserved": "2024-12-20T23:23:02.943Z",
"dateUpdated": "2025-01-13T19:51:27.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0103 (GCVE-0-2025-0103)
Vulnerability from nvd – Published: 2025-01-11 02:59 – Updated: 2025-01-13 19:52 Unsupported When Assigned
VLAI?
Title
Expedition: SQL Injection Vulnerability
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Date Public ?
2025-01-08 17:00
Credits
Mesut Cetin of RedTeamer IT Security
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0103",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:52:37.496583Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T19:52:47.949Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.100",
"status": "unaffected"
}
],
"lessThan": "1.2.100",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mesut Cetin of RedTeamer IT Security"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system."
}
],
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-11T02:59:51.177Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: SQL Injection Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0103",
"datePublished": "2025-01-11T02:59:51.177Z",
"dateReserved": "2024-12-20T23:22:57.417Z",
"dateUpdated": "2025-01-13T19:52:47.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9467 (GCVE-0-2024-9467)
Vulnerability from nvd – Published: 2024-10-09 17:04 – Updated: 2024-10-18 11:52
VLAI?
Title
Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure
Summary
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:09:44.149342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:10:00.314Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:52:07.963Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9467",
"datePublished": "2024-10-09T17:04:56.867Z",
"dateReserved": "2024-10-03T11:35:14.299Z",
"dateUpdated": "2024-10-18T11:52:07.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9466 (GCVE-0-2024-9466)
Vulnerability from nvd – Published: 2024-10-09 17:04 – Updated: 2025-09-04 15:09
VLAI?
Title
Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure
Summary
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T15:09:36.928721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T15:09:40.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:51:31.525Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eThe affected cleartext file will be removed automatically during the upgrade.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nThe affected cleartext file will be removed automatically during the upgrade.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9466",
"datePublished": "2024-10-09T17:04:36.252Z",
"dateReserved": "2024-10-03T11:35:13.454Z",
"dateUpdated": "2025-09-04T15:09:40.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9465 (GCVE-0-2024-9465)
Vulnerability from nvd – Published: 2024-10-09 17:04 – Updated: 2025-10-21 22:55
VLAI?
Title
Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9465",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T03:55:58.218772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:42.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00.000Z",
"value": "CVE-2024-9465 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-108",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-108 Command Line Execution through SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:50:43.190Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e\u003cbr\u003eYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\u003cbr\u003e\u003cbr\u003e\u0026nbsp; \u0026nbsp; mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\u003cbr\u003e\u003cbr\u003eIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\n\nYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\n\n\u00a0 \u00a0 mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\n\nIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9465",
"datePublished": "2024-10-09T17:04:01.720Z",
"dateReserved": "2024-10-03T11:35:12.544Z",
"dateUpdated": "2025-10-21T22:55:42.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9464 (GCVE-0-2024-9464)
Vulnerability from nvd – Published: 2024-10-09 17:03 – Updated: 2024-10-18 15:40
VLAI?
Title
Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Zach Hanley (@hacks_zach) of Horizon3.ai
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9464",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T15:39:19.519145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T15:40:20.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:49:42.767Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9464",
"datePublished": "2024-10-09T17:03:33.904Z",
"dateReserved": "2024-10-03T11:35:11.680Z",
"dateUpdated": "2024-10-18T15:40:20.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9463 (GCVE-0-2024-9463)
Vulnerability from nvd – Published: 2024-10-09 17:03 – Updated: 2025-10-21 22:55
VLAI?
Title
Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Expedition |
Affected:
1.2.0 , < 1.2.96
(custom)
cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
Date Public ?
2024-10-09 16:00
Credits
Enrique Castillo of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9463",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T03:55:56.863014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:42.730Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9463"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00.000Z",
"value": "CVE-2024-9463 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:47:33.445Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e"
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9463",
"datePublished": "2024-10-09T17:03:12.012Z",
"dateReserved": "2024-10-03T11:35:09.867Z",
"dateUpdated": "2025-10-21T22:55:42.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}