Sensitive Information Vulnerability in Palo Alto Networks Expedition

CVE-2024-9466

What is CVE-2024-9466?

The vulnerability CVE-2024-9466 in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials. The flaws were found in Palo Alto Networks' Expedition solution, which can be exploited to access sensitive data, such as user credentials, that can help take over firewall admin accounts. The vulnerabilities include command injection, reflected cross-site scripting, cleartext storage of sensitive information, missing authentication, and SQL injection vulnerabilities. A proof-of-concept exploit has been made available, but there is no evidence that the security flaws have been exploited in attacks. Palo Alto Networks has provided security updates in Expedition 1.2.96 to address these vulnerabilities and recommend that affected credentials be rotated after the upgrade.

News Articles

BleepingComputer

CVE-2024-9464CVE-2024-9466

Palo Alto Networks warns of firewall hijack bugs with public exploit

Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls.

References