CVE-2024-9466: Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure
First published: Wed Oct 09 2024(Updated: )
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
Credit: psirt@paloaltonetworks.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Paloaltonetworks Expedition | >=1.2.0<1.2.96 |
Remedy
The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions. The affected cleartext file will be removed automatically during the upgrade. All Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition. All firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/remedy
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-5910
- alias/CVE-2024-9464
- alias/CVE-2024-9466
- agent/title
- agent/severity
- agent/weakness
- agent/softwarecombine
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/references
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/epss
- collector/epss-latest
- source/FIRST
- agent/trending
- vendor/paloaltonetworks
- canonical/paloaltonetworks expedition
- version/paloaltonetworks expedition/1.2.0