CVE-2024-9466 — Log File Information Exposure in Palo Alto Networks Expedition

CWE-532 — Log File Information Exposure CWE-312 — Cleartext Storage of Sensitive Info7 documents5 sources

Severity

8.2HIGHNVD

EPSS

20.1%

top 4.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Expedition Paloaltonetworks Expedition

Timeline

PublishedOct 9

Latest updateNov 1

Description

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Affected Packages2 packages

▶NVDpaloaltonetworks/expedition1.2.0 — 1.2.96

▶CVEListV5palo_alto_networks/expedition1.2.0 — 1.2.96

🔴Vulnerability Details

CVEList

Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure↗2024-10-09

▶

GHSA

GHSA-3wg5-x88w-52fj: A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall userna↗2024-10-09

▶

🕵️Threat Intelligence

Wiz

Crying Out Cloud - November 2024 Newsletter | Wiz↗2024-11-01

▶

Wiz

3 Critical CVEs in Palo Alto Networks Expedition | Wiz Blog↗2024-10-10

▶

Wiz

3 Critical CVEs in Palo Alto Networks Expedition | Wiz Blog↗2024-10-10

▶

Bleepingcomputer

Palo Alto Networks warns of firewall hijack bugs with public exploit↗2024-10-09

▶