CVE-2018-10142Sensitive Information Exposure in Palo Alto Networks Expedition

CWE-200Sensitive Information Exposure5 documents5 sources
Severity
7.5HIGHNVD
EPSS
0.8%
top 26.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Palo Alto Networks ExpeditionPaloaltonetworks ExpeditionPaloalto Expedition
Timeline
PublishedNov 27
Latest updateMay 13

Description

The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

CVEListV5palo_alto_networks/palo_alto_networks_expeditionExpedition 1.0.106 and earlier

🔴Vulnerability Details

2
GHSA
GHSA-gjgw-92x5-xgw4: The Expedition Migration tool 12022-05-13
CVEList
CVE-2018-10142: The Expedition Migration tool 12018-11-27

💥Exploits & PoCs

1
Exploit-DB
PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure2018-12-03

📋Vendor Advisories

1
Palo Alto
Information Disclosure in Expedition Migration Tool2018-11-20
CVE-2018-10142 — Sensitive Information Exposure in Palo | cvebase