An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
History

Thu, 14 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 18 Oct 2024 12:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-:*:*:*:*:*:*

Thu, 17 Oct 2024 05:30:00 +0000


Tue, 15 Oct 2024 15:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}


Fri, 11 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Paloaltonetworks
Paloaltonetworks expedition
CPEs cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*
Vendors & Products Paloaltonetworks
Paloaltonetworks expedition
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 09 Oct 2024 22:45:00 +0000

Type Values Removed Values Added
Title Expedition: SQL Injection Leads to Firewall Admin Account Takeover Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure
Metrics cvssV4_0

{'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red'}

cvssV4_0

{'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber'}


Wed, 09 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Description An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Title Expedition: SQL Injection Leads to Firewall Admin Account Takeover
Weaknesses CWE-89
References
Metrics cvssV4_0

{'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red'}


cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2024-10-09T17:04:01.720Z

Updated: 2024-11-14T19:08:25.471Z

Reserved: 2024-10-03T11:35:12.544Z

Link: CVE-2024-9465

cve-icon Vulnrichment

Updated: 2024-10-10T17:34:53.065Z

cve-icon NVD

Status : Modified

Published: 2024-10-09T17:15:20.287

Modified: 2024-10-17T06:15:04.510

Link: CVE-2024-9465

cve-icon Redhat

No data.