CVE-2024-5910: Palo Alto Expedition Missing Authentication Vulnerability
First published: Wed Jul 10 2024(Updated: )
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.
Credit: psirt@paloaltonetworks.com psirt@paloaltonetworks.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Paloaltonetworks Expedition | >=1.2.0<1.2.92 | |
| Palo Alto Networks Expedition |
Remedy
This issue is fixed in Expedition 1.2.92 and all later versions.
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-firewall-hijack-bugs-with-public-exploit/
- https://www.bleepingcomputer.com/news/security/cisa-warns-of-critical-palo-alto-networks-bug-exploited-in-attacks/
- https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-potential-pan-os-rce-vulnerability/
- https://security.paloaltonetworks.com/CVE-2024-5910
- https://nvd.nist.gov/vuln/detail/CVE-2024-5910
- https://www.bleepingcomputer.com/news/security/cisa-warns-of-more-palo-alto-networks-bugs-exploited-in-attacks/
- agent/weakness
- agent/type
- agent/first-publish-date
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-5910
- alias/CVE-2024-9464
- alias/CVE-2024-9466
- agent/remedy
- agent/author
- agent/references
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/title
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/event
- agent/description
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/last-modified-date
- alias/CVE-2024-9463
- alias/CVE-2024-9465
- vendor/paloaltonetworks
- canonical/paloaltonetworks expedition
- version/paloaltonetworks expedition/1.2.0
- vendor/palo alto networks
- canonical/palo alto networks expedition