Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:RedPalo Alto Networks Expedition
APPPaloaltonetworks1.2.0 – 1.2.92 (bez)
CISA KEV — detailsi
- Vendori
- Palo Alto Networks ↗
- Producti
- Expedition
- Added to KEVi
- November 7, 2024
- Remediation deadline (US Federal)i
- November 28, 2024(overdue)
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially access configuration secrets, credentials, and other data.
Related vulnerabilities
Command injection w Palo Alto Networks Expedition — nieautoryzowane RCE jako root
SQL Injection w Palo Alto Networks Expedition — dostęp do danych i plików
SQL Injection w Palo Alto Networks Expedition — ujawnienie danych i odczyt plików
OS command injection w Palo Alto Networks Expedition umożliwiający RCE jako root
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker wit...