cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9463,https://securityvulnerability.io/vulnerability/CVE-2024-9463,Palo Alto Networks Expedition OS Command Injection Vulnerability,"The Palo Alto Networks Expedition tool has multiple critical vulnerabilities (CVE-2024-9463 to CVE-2024-9467) including OS command injection, SQL injection, cleartext storage of sensitive information, and cross-site scripting. These vulnerabilities can result in unauthorized access, credential theft, and administrative takeover. The vulnerabilities affect all versions of Expedition below 1.2.96, and urgent patching is recommended. The potential impact of exploitation includes disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls, with the risk of sensitive data theft. There are no known exploits by ransomware groups at this time, but proactive measures such as upgrading to the latest version of Expedition, limiting network access, rotating credentials, and monitoring access logs are advised to minimize the risk of exploitation.",Palo Alto Networks,Expedition,7.5,HIGH,0.9612200260162354,true,true,false,true,,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9467,https://securityvulnerability.io/vulnerability/CVE-2024-9467,Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure,"A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.",Palo Alto Networks,Expedition,6.1,MEDIUM,0.0004600000102072954,false,false,false,true,,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9466,https://securityvulnerability.io/vulnerability/CVE-2024-9466,Sensitive Information Vulnerability in Palo Alto Networks Expedition,"The vulnerability CVE-2024-9466 in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials. It is one of a set of flaws found in Palo Alto Networks' Expedition solution that can be exploited to access sensitive data, such as user credentials, and used to take over firewall admin accounts; the set includes command injection, reflected cross-site scripting, cleartext storage of sensitive information, missing authentication, and SQL injection vulnerabilities. A proof-of-concept exploit has been made available, but there is no evidence that the security flaws have been exploited in attacks. Palo Alto Networks has provided security updates in Expedition 1.2.96 to address these vulnerabilities and recommends that affected credentials be rotated after the upgrade.",Palo Alto Networks,Expedition,6.5,MEDIUM,0.0004900000058114529,false,true,false,true,true,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9465,https://securityvulnerability.io/vulnerability/CVE-2024-9465,Unauthenticated SQL Injection Vulnerability in Palo Alto Networks Expedition,"An SQL injection flaw in Palo Alto Networks Expedition presents a serious risk by allowing unauthenticated attackers to access and extract sensitive data from the Expedition database. This includes potential exposure of password hashes, usernames, device configurations, and API keys, all of which can be leveraged to extend the attacker's access. Additionally, the vulnerability enables unauthorized file creation and reading within the Expedition environment, raising significant concerns for data integrity and confidentiality.",Palo Alto Networks,Expedition,9.1,CRITICAL,0.9473000168800354,true,true,false,true,true,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9464,https://securityvulnerability.io/vulnerability/CVE-2024-9464,OS Command Injection Vulnerability in Palo Alto Networks Expedition,"An OS command injection vulnerability exists in Palo Alto Networks Expedition, permitting an authenticated attacker to execute arbitrary operating system commands with root privileges. This can lead to the exposure of critical information such as usernames, cleartext passwords, device configurations, and API keys associated with PAN-OS firewalls. The vulnerability poses a significant risk to the security of systems utilizing Expedition, emphasizing the importance of applying the available security updates.",Palo Alto Networks,Expedition,6.5,MEDIUM,0.0005099999834783375,false,true,false,true,true,true,false,2024-10-09T17:15:00.000Z,7244
CVE-2024-5910,https://securityvulnerability.io/vulnerability/CVE-2024-5910,Expedition Admin Account Takeover Risk Due to Missing Authentication,"A critical vulnerability exists in Palo Alto Networks Expedition, where missing authentication can be exploited to allow unauthorized users to gain admin access. This flaw poses a serious risk, as attackers with network access to Expedition can take control of Expedition admin accounts, potentially leading to exposure of sensitive configuration data, including secrets and credentials. Such a breach not only compromises the integrity of configuration management but also threatens the overall security posture of the affected systems.",Palo Alto Networks,Expedition,9.8,CRITICAL,0.9676100015640259,true,true,false,true,true,true,true,2024-07-10T18:39:26.006Z,5555
CVE-2020-1977,https://securityvulnerability.io/vulnerability/CVE-2020-1977,Expedition Migration Tool: Insufficient Cross-Site Request Forgery protection.,Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions.,Palo Alto Networks,Expedition,7.5,HIGH,0.0014100000262260437,false,false,false,false,,false,false,2020-02-12T00:00:00.000Z,0
CVE-2019-1574,https://securityvulnerability.io/vulnerability/CVE-2019-1574,,Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View.,Palo Alto Networks,Expedition Migration Tool,5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2019-04-12T16:57:14.000Z,0
CVE-2019-1567,https://securityvulnerability.io/vulnerability/CVE-2019-1567,,The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings.,Palo Alto Networks,Palo Alto Networks Expedition Migration Tool,5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2019-04-09T19:15:43.000Z,0
CVE-2018-10143,https://securityvulnerability.io/vulnerability/CVE-2018-10143,,The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system-level commands on the device hosting this service/application.,Palo Alto Networks,Palo Alto Networks Expedition,9.8,CRITICAL,0.004699999932199717,false,false,false,false,,false,false,2018-12-12T00:00:00.000Z,0
CVE-2018-10142,https://securityvulnerability.io/vulnerability/CVE-2018-10142,,The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.,Palo Alto Networks,Palo Alto Networks Expedition,7.5,HIGH,0.0010600000387057662,false,false,false,false,,false,false,2018-11-27T21:00:00.000Z,0
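The rows above are patch-triage data, and the natural thing to do with an export in this layout is parse it and rank what to fix first. The following is an added example, not code from the page or from securityvulnerability.io: it reads the 18-column layout with Python's csv module (which copes with the quoted, comma-containing and line-wrapped description fields that extraction broke across lines above), rejects rows whose field count does not match the header, and orders records KEV-listed first, then by EPSS, then public PoC, then CVSS as a tiebreaker. The sample rows are constructed from values on the page with shortened descriptions. Reading the `cisa` column as "listed in CISA KEV", the `poc` column as "public proof of concept known", and the 0.1 EPSS watch threshold are all assumptions of this example.

```python
import csv
import io
from dataclasses import dataclass

# Constructed sample in the same 18-column layout as the export above. Score and
# flag values are copied from the page's rows; descriptions are shortened, and
# one is deliberately split across lines to show the csv module handling a
# quoted newline (the export above was broken that way by extraction).
SAMPLE_CSV = """cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9463,https://securityvulnerability.io/vulnerability/CVE-2024-9463,Palo Alto Networks Expedition OS Command Injection Vulnerability,"OS command injection in Expedition; affects all versions below 1.2.96.
Urgent patching is recommended.",Palo Alto Networks,Expedition,7.5,HIGH,0.9612200260162354,true,true,false,true,,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9467,https://securityvulnerability.io/vulnerability/CVE-2024-9467,Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure,"Reflected XSS; needs an authenticated user to click a malicious link.",Palo Alto Networks,Expedition,6.1,MEDIUM,0.0004600000102072954,false,false,false,true,,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9465,https://securityvulnerability.io/vulnerability/CVE-2024-9465,Unauthenticated SQL Injection Vulnerability in Palo Alto Networks Expedition,"Unauthenticated SQL injection exposing password hashes, usernames, device configurations and API keys.",Palo Alto Networks,Expedition,9.1,CRITICAL,0.9473000168800354,true,true,false,true,true,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-5910,https://securityvulnerability.io/vulnerability/CVE-2024-5910,Expedition Admin Account Takeover Risk Due to Missing Authentication,"Missing authentication lets an attacker with network access take over Expedition admin accounts.",Palo Alto Networks,Expedition,9.8,CRITICAL,0.9676100015640259,true,true,false,true,true,true,true,2024-07-10T18:39:26.006Z,5555
CVE-2018-10143,https://securityvulnerability.io/vulnerability/CVE-2018-10143,,"Unauthenticated remote attacker may run system-level commands; affects 1.0.107 and earlier.",Palo Alto Networks,Palo Alto Networks Expedition,9.8,CRITICAL,0.004699999932199717,false,false,false,false,,false,false,2018-12-12T00:00:00.000Z,0
"""

# Constructed malformed export: the CVE-2020-1977 row is missing its last column.
BAD_CSV = """cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-1977,https://securityvulnerability.io/vulnerability/CVE-2020-1977,Expedition Migration Tool: Insufficient Cross-Site Request Forgery protection.,Insufficient XSRF protection; affects 1.1.51 and earlier.,Palo Alto Networks,Expedition,7.5,HIGH,0.0014100000262260437,false,false,false,false,,false,false,2020-02-12T00:00:00.000Z
"""


@dataclass(frozen=True)
class Record:
    cve: str
    description: str
    score: float
    severity: str
    epss: float
    cisa_kev: bool   # 'cisa' column, assumed here to mean "listed in CISA KEV"
    poc: bool        # 'poc' column, assumed here to mean "public PoC known"
    published: str


def _flag(value: str) -> bool:
    # The export leaves some boolean cells empty (see the poc column); treat empty as false.
    return value.strip().lower() == "true"


def load_records(text: str) -> list[Record]:
    """Parse the export; raise ValueError on any record whose field count differs from the header."""
    reader = csv.DictReader(io.StringIO(text))
    records = []
    for n, row in enumerate(reader, start=1):
        # DictReader files surplus fields under the key None and fills missing ones with None.
        if None in row or None in row.values():
            raise ValueError(f"record {n} ({row.get('cve', '?')}): field count does not match header")
        records.append(Record(
            cve=row["cve"],
            description=row["description"],
            score=float(row["score"]),
            severity=row["severity"],
            epss=float(row["epss"]),
            cisa_kev=_flag(row["cisa"]),
            poc=_flag(row["poc"]),
            published=row["published"],
        ))
    return records


def row_problems(text: str) -> list[str]:
    """Return the first structural problem found in the export, or an empty list if it is clean."""
    try:
        load_records(text)
    except ValueError as exc:
        return [str(exc)]
    return []


def triage_key(r: Record) -> tuple:
    # KEV-listed first, then higher EPSS, then public PoC, then CVSS; sorted ascending.
    return (not r.cisa_kev, -r.epss, not r.poc, -r.score)


def prioritize(text: str) -> list[str]:
    """CVE ids in patch order."""
    return [r.cve for r in sorted(load_records(text), key=triage_key)]


def tier(r: Record) -> str:
    # Assumed policy for this example: KEV entries are mandatory, anything with a
    # public PoC or EPSS >= 0.1 is watched, the rest (including CRITICAL CVSS with
    # negligible EPSS, like the 2018 command injection here) goes to the backlog.
    if r.cisa_kev:
        return "kev"
    if r.poc or r.epss >= 0.1:
        return "watch"
    return "backlog"


def tiers(text: str) -> dict[str, list[str]]:
    out: dict[str, list[str]] = {"kev": [], "watch": [], "backlog": []}
    for r in sorted(load_records(text), key=triage_key):
        out[tier(r)].append(r.cve)
    return out


if __name__ == "__main__":
    for problem in row_problems(BAD_CSV):
        print("rejected:", problem)
    for name, cves in tiers(SAMPLE_CSV).items():
        print(f"{name:8s} {', '.join(cves) or '-'}")
```

Note that CVSS alone would have put the 2018 command injection (9.8) ahead of the 2024 OS command injection (7.5 in this export); the KEV flag and EPSS invert that order, which is the point of keying on them first.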