Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2024-3146
Vulnerability from csaf_certbund
Published
2024-10-10 22:00
Modified
2024-11-14 23:00
Summary
PaloAlto Networks Expedition: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Palo Alto Expedition ist eine Next-Generation-Firewall (NGFW)-Plattform
Angriff
Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks Expedition ausnutzen, um beliebigen Code mit administrativen Rechten auszuführen, Daten zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen und vertrauliche Informationen preiszugeben.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Palo Alto Expedition ist eine Next-Generation-Firewall (NGFW)-Plattform",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks Expedition ausnutzen, um beliebigen Code mit administrativen Rechten auszuf\u00fchren, Daten zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und vertrauliche Informationen preiszugeben.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3146 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3146.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3146 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3146"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisories vom 2024-10-10",
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"category": "external",
"summary": "Horion3 Attack Blog vom 2024-10-10",
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
},
{
"category": "external",
"summary": "PoC auf GitHub",
"url": "https://github.com/horizon3ai/CVE-2024-9465"
},
{
"category": "external",
"summary": "PoC auf GitHub",
"url": "https://github.com/horizon3ai/CVE-2024-9464"
}
],
"source_lang": "en-US",
"title": "PaloAlto Networks Expedition: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-14T23:00:00.000+00:00",
"generator": {
"date": "2024-11-15T10:39:41.011+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3146",
"initial_release_date": "2024-10-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-14T23:00:00.000+00:00",
"number": "2",
"summary": "Aktive Ausnutzung gemeldet"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.2.96",
"product": {
"name": "PaloAlto Networks Expedition \u003c1.2.96",
"product_id": "T038271"
}
},
{
"category": "product_version",
"name": "1.2.96",
"product": {
"name": "PaloAlto Networks Expedition 1.2.96",
"product_id": "T038271-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:paloaltonetworks:expedition:1.2.96"
}
}
}
],
"category": "product_name",
"name": "Expedition"
}
],
"category": "vendor",
"name": "PaloAlto Networks"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-9463",
"notes": [
{
"category": "description",
"text": "In PaloAlto Networks Expedition bestehen mehrere Schwachstellen, die auf eine unzureichende Bereinigung von Eingaben zur\u00fcckzuf\u00fchren sind. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Betriebssystembefehle einzuschleusen und mit Root-Rechten auszuf\u00fchren, was zur Offenlegung sensibler Daten wie Benutzernamen, Klartextpassw\u00f6rtern, Ger\u00e4tekonfigurationen und API-Schl\u00fcsseln von PAN-OS-Firewalls f\u00fchrt."
}
],
"product_status": {
"known_affected": [
"T038271"
]
},
"release_date": "2024-10-10T22:00:00.000+00:00",
"title": "CVE-2024-9463"
},
{
"cve": "CVE-2024-9464",
"notes": [
{
"category": "description",
"text": "In PaloAlto Networks Expedition bestehen mehrere Schwachstellen, die auf eine unzureichende Bereinigung von Eingaben zur\u00fcckzuf\u00fchren sind. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Betriebssystembefehle einzuschleusen und mit Root-Rechten auszuf\u00fchren, was zur Offenlegung sensibler Daten wie Benutzernamen, Klartextpassw\u00f6rtern, Ger\u00e4tekonfigurationen und API-Schl\u00fcsseln von PAN-OS-Firewalls f\u00fchrt."
}
],
"product_status": {
"known_affected": [
"T038271"
]
},
"release_date": "2024-10-10T22:00:00.000+00:00",
"title": "CVE-2024-9464"
},
{
"cve": "CVE-2024-9465",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in PaloAlto Networks Expedition aufgrund unzureichender Bereinigung, die zu SQL-Injection f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um das System zu manipulieren, beliebige Dateien zu erstellen oder zu lesen und vertrauliche Informationen wie Passwort-Hashes, Benutzernamen und Konfigurationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T038271"
]
},
"release_date": "2024-10-10T22:00:00.000+00:00",
"title": "CVE-2024-9465"
},
{
"cve": "CVE-2024-9466",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in PaloAlto Networks Expedition da vertrauliche Informationen im Klartext gespeichert werden. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Firewall-Benutzernamen, Passw\u00f6rter und API-Schl\u00fcssel, die mit diesen Anmeldeinformationen erstellt wurden, offenzulegen."
}
],
"product_status": {
"known_affected": [
"T038271"
]
},
"release_date": "2024-10-10T22:00:00.000+00:00",
"title": "CVE-2024-9466"
},
{
"cve": "CVE-2024-9467",
"notes": [
{
"category": "description",
"text": "In PaloAlto Networks Expedition existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T038271"
]
},
"release_date": "2024-10-10T22:00:00.000+00:00",
"title": "CVE-2024-9467"
}
]
}
cve-2024-9466
Vulnerability from cvelistv5
Published
2024-10-09 17:04
Modified
2024-10-18 11:51
Severity ?
EPSS score ?
Summary
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Palo Alto Networks | Expedition |
Version: 1.2.0 < 1.2.96 cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:36:02.686341Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:37:16.246Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:51:31.525Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eThe affected cleartext file will be removed automatically during the upgrade.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nThe affected cleartext file will be removed automatically during the upgrade.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9466",
"datePublished": "2024-10-09T17:04:36.252Z",
"dateReserved": "2024-10-03T11:35:13.454Z",
"dateUpdated": "2024-10-18T11:51:31.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9464
Vulnerability from cvelistv5
Published
2024-10-09 17:03
Modified
2024-10-18 15:40
Severity ?
EPSS score ?
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Palo Alto Networks | Expedition |
Version: 1.2.0 < 1.2.96 cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "expedition",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9464",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T15:39:19.519145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T15:40:20.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:49:42.767Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9464",
"datePublished": "2024-10-09T17:03:33.904Z",
"dateReserved": "2024-10-03T11:35:11.680Z",
"dateUpdated": "2024-10-18T15:40:20.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9467
Vulnerability from cvelistv5
Published
2024-10-09 17:04
Modified
2024-10-18 11:52
Severity ?
EPSS score ?
Summary
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.paloaltonetworks.com/PAN-SA-2024-0010 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Palo Alto Networks | Expedition |
Version: 1.2.0 < 1.2.96 cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:09:44.149342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:10:00.314Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"value": "A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user\u0027s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:52:07.963Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9467",
"datePublished": "2024-10-09T17:04:56.867Z",
"dateReserved": "2024-10-03T11:35:14.299Z",
"dateUpdated": "2024-10-18T11:52:07.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9463
Vulnerability from cvelistv5
Published
2024-10-09 17:03
Modified
2024-11-14 23:20
Severity ?
EPSS score ?
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.paloaltonetworks.com/PAN-SA-2024-0010 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Palo Alto Networks | Expedition |
Version: 1.2.0 < 1.2.96 cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9463",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T19:08:32.747310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T23:20:22.967Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00+00:00",
"value": "CVE-2024-9463 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:47:33.445Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e"
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9463",
"datePublished": "2024-10-09T17:03:12.012Z",
"dateReserved": "2024-10-03T11:35:09.867Z",
"dateUpdated": "2024-11-14T23:20:22.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9465
Vulnerability from cvelistv5
Published
2024-10-09 17:04
Modified
2024-11-14 23:20
Severity ?
EPSS score ?
Summary
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Palo Alto Networks | Expedition |
Version: 1.2.0 < 1.2.96 cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:* |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9465",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T19:08:21.984574Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-14",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T23:20:22.620Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-11-14T00:00:00+00:00",
"value": "CVE-2024-9465 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.96",
"status": "unaffected"
}
],
"lessThan": "1.2.96",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"value": "An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
}
],
"impacts": [
{
"capecId": "CAPEC-108",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-108 Command Line Execution through SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:50:43.190Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
},
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\u003cbr\u003e\u003cbr\u003eAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\u003cbr\u003e\u003cbr\u003eAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\u003cbr\u003e\u003cbr\u003eYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\u003cbr\u003e\u003cbr\u003e\u0026nbsp; \u0026nbsp; mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\u003cbr\u003e\u003cbr\u003eIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.\n\nYou can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\n\n\u00a0 \u00a0 mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\n\nIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9465",
"datePublished": "2024-10-09T17:04:01.720Z",
"dateReserved": "2024-10-03T11:35:12.544Z",
"dateUpdated": "2024-11-14T23:20:22.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.