First published: Tue Nov 27 2018(Updated: )
The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Paloaltonetworks Expedition | =1.0.106 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-10142 has a high severity rating due to its potential to allow unauthenticated file enumeration by attackers.
To fix CVE-2018-10142, upgrade the Expedition Migration tool to version 1.0.107 or later.
CVE-2018-10142 affects the Expedition Migration tool versions 1.0.106 and earlier.
Yes, CVE-2018-10142 can be exploited remotely as it allows unauthenticated attackers to access file information.
No, CVE-2018-10142 can be exploited by attackers without needing user authentication.