Sensitive Information Vulnerability in Palo Alto Networks Expedition

CVE-2024-9466

6.5MEDIUM

Key Information

Vendor: Palo Alto Networks
Status: Expedition
Vendor: CVE Published:; 9 October 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

The vulnerability CVE-2024-9466 in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials. The flaws were found in Palo Alto Networks' Expedition solution, which can be exploited to access sensitive data, such as user credentials, that can help take over firewall admin accounts. The vulnerabilities include command injection, reflected cross-site scripting, cleartext storage of sensitive information, missing authentication, and SQL injection vulnerabilities. A proof-of-concept exploit has been made available, but there is no evidence that the security flaws have been exploited in attacks. Palo Alto Networks has provided security updates in Expedition 1.2.96 to address these vulnerabilities and recommend that affected credentials be rotated after the upgrade.

Affected Version(s)

Expedition < 1.2.96

News Articles

BleepingComputer

CVE-2024-9464CVE-2024-9466

Palo Alto Networks warns of firewall hijack bugs with public exploit

Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls.

1 week ago

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit exists.
Oct 10, 2024
First article discovered by BleepingComputer
Oct 9, 2024
Initial publication
Oct 9, 2024
Vulnerability published.
Oct 9, 2024

Collectors

NVD DatabaseMitre Database1 News Article(s)

Credit

Zach Hanley (@hacks_zach) of Horizon3.ai