CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2024-5910

CVSS 9.3v4.0pub. 2024-07-10upd. 2025-11-04

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Red
  • Palo Alto Networks Expedition

    APP
    Paloaltonetworks
    1.2.0 – 1.2.92 (bez)

CISA KEV — detailsi

Vendori
Palo Alto Networks
Producti
Expedition
Added to KEVi
November 7, 2024
Remediation deadline (US Federal)i
November 28, 2024(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially access configuration secrets, credentials, and other data.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 28 listopada 2024
CWE
References

Related vulnerabilities

CVE-2024-9463CRITICAL9.9⚠ KEVPL ✓ten sam produkt

Command injection w Palo Alto Networks Expedition — nieautoryzowane RCE jako root

CVE-2024-9465CRITICAL9.2⚠ KEVPL ✓ten sam produkt

SQL Injection w Palo Alto Networks Expedition — dostęp do danych i plików

CVE-2025-0103CRITICAL9.2PL ✓ten sam produkt

SQL Injection w Palo Alto Networks Expedition — ujawnienie danych i odczyt plików

CVE-2024-9464CRITICAL9.3PL ✓ten sam produkt

OS command injection w Palo Alto Networks Expedition umożliwiający RCE jako root

CVE-2018-10143CRITICAL9.8ten sam produkt

The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker wit...