Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.
Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://security.paloaltonetworks.com/CVE-2024-5910 |
History
Fri, 08 Nov 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Thu, 07 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|
Wed, 06 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Paloaltonetworks
Paloaltonetworks expedition |
|
CPEs | cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:* | |
Vendors & Products |
Paloaltonetworks
Paloaltonetworks expedition |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: palo_alto
Published: 2024-07-10T18:39:26.006Z
Updated: 2024-11-08T16:40:17.301Z
Reserved: 2024-06-12T15:27:55.854Z
Link: CVE-2024-5910
Vulnrichment
Updated: 2024-11-08T16:40:17.301Z
NVD
Status : Analyzed
Published: 2024-07-10T19:15:11.390
Modified: 2024-11-14T02:00:02.740
Link: CVE-2024-5910
Redhat
No data.