// For flags

CVE-2024-5910

Palo Alto Expedition Missing Authentication Vulnerability

Severity Score

9.3
*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

Act
*SSVC
Descriptions

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.

Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.

La falta de autenticación para una función crítica en Palo Alto Networks Expedition puede provocar que los atacantes con acceso a la red de Expedition tomen el control de la cuenta de administrador de Expedition. Nota: Expedition es una herramienta que ayuda en la migración, el ajuste y el enriquecimiento de la configuración. Los secretos de configuración, las credenciales y otros datos importados a Expedition están en riesgo debido a este problema.

Palo Alto Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially access configuration secrets, credentials, and other data.

*Credits: Brian Hysell (Synopsys CyRC)
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
System
Vulnerable | Subsequent
Confidentiality
High
Low
Integrity
High
Low
Availability
High
Low
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
System
Vulnerable | Subsequent
Confidentiality
High
Low
Integrity
High
Low
Availability
High
Low
* Common Vulnerability Scoring System
SSVC
  • Decision:Act
Exploitation
Active
Automatable
Yes
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2024-06-12 CVE Reserved
  • 2024-07-10 CVE Published
  • 2024-11-07 Exploited in Wild
  • 2024-11-08 CVE Updated
  • 2024-11-09 EPSS Updated
  • 2024-11-28 KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-306: Missing Authentication for Critical Function
CAPEC
  • CAPEC-115: Authentication Bypass
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://security.paloaltonetworks.com/CVE-2024-5910 2024-07-11
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Palo Alto Networks
Search vendor "Palo Alto Networks"
 Expedition
Search vendor "Palo Alto Networks" for product "Expedition"
 >= 1.2.0 < 1.2.92
Search vendor "Palo Alto Networks" for product "Expedition" and version " >= 1.2.0 < 1.2.92"
en
Affected