Lucene search

Palo_altoVULNRICHMENT:CVE-2024-5910

HistoryJul 10, 2024 - 6:39 p.m.

CVE-2024-5910 Expedition: Missing Authentication Leads to Admin Account Takeover

2024-07-1018:39:26

CWE-306

palo_alto

github.com

palo alto networks expedition

missing authentication

admin account takeover

network access

configuration migration

CVSS4

9.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:L/VI:H/SI:L/VA:H/SA:L/AU:Y/U:Red/R:U/V:D/RE:M

AI Score

7.2

Confidence

Low

SSVC

Exploitation

none

Automatable

yes

Technical Impact

total

JSON

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.

Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:paloaltonetworks:expedition:1.2:*:*:*:*:*:*:*"
    ],
    "vendor": "paloaltonetworks",
    "product": "expedition",
    "versions": [
      {
        "status": "affected",
        "version": "1.2",
        "lessThan": "1.2.92",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

security.paloaltonetworks.com/CVE-2024-5910

CVSS4

9.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:L/VI:H/SI:L/VA:H/SA:L/AU:Y/U:Red/R:U/V:D/RE:M

AI Score

7.2

Confidence

Low

SSVC

Exploitation

none

Automatable

yes

Technical Impact

total

JSON

Related for VULNRICHMENT:CVE-2024-5910