CVE-2024-9465

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Configurations

Configuration 1 (hide)

cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*

History

15 Nov 2024, 14:39

Type Values Removed Values Added
References () https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/ - () https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/ - Exploit

17 Oct 2024, 06:15

Type Values Removed Values Added
References
  • () https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/ -

15 Oct 2024, 15:08

Type Values Removed Values Added
CPE cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*
References () https://security.paloaltonetworks.com/PAN-SA-2024-0010 - () https://security.paloaltonetworks.com/PAN-SA-2024-0010 - Mitigation, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.1
First Time Paloaltonetworks expedition
Paloaltonetworks

10 Oct 2024, 12:51

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de inyección SQL en Expedition de Palo Alto Networks permite a un atacante no autenticado revelar el contenido de la base de datos de Expedition, como hashes de contraseñas, nombres de usuario, configuraciones de dispositivos y claves API de dispositivos. Con esto, los atacantes también pueden crear y leer archivos arbitrarios en el sistema Expedition.

09 Oct 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-09 17:15

Updated : 2024-11-15 14:39


NVD link : CVE-2024-9465

Mitre link : CVE-2024-9465

CVE.ORG link : CVE-2024-9465


JSON object : View

Products Affected

paloaltonetworks

  • expedition
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')