CVE-2020-1977: Expedition Migration Tool: Insufficient Cross Site Request Forgery protection.
First published: Wed Feb 12 2020(Updated: )
Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions.
Credit: psirt@paloaltonetworks.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Paloaltonetworks Expedition Migration Tool | >=1.1<=1.1.51 |
Remedy
This issue is fixed in Expedition Migration Tool 1.1.52 and later versions.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/paloaltonetworks
- canonical/paloaltonetworks expedition migration tool
- version/paloaltonetworks expedition migration tool/1.1
- version/paloaltonetworks expedition migration tool/1.1.51