CVE-2024-9467
Published: 2024-10-09
Priority: P4 · 26 · medium · 6.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.65% (46.3rd percentile)
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | expedition | >= 1.2.0 < 1.2.96 | 1.2.96 |
| paloalto | pan-os | — | — |
| paloalto | panorama | — | — |
| paloalto | prisma_access | — | — |
| paloaltonetworks | expedition | >= 1.2.0 < 1.2.96 | 1.2.96 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | v4.0 | 7.0 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber |
Palo Alto
PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities in Expedition Lead to Exposure of Firewall Credentials
vendor_paloalto · 2024-10-09 · CVSS 9.9 · [CRITICAL] · CWE-532
Multiple vulnerabilities in Palo Alto Networks Expedition allow an attacker to read Expedition database contents and arbitrary files, as well as write arbitrary files to temporary storage locations on the Expedition system. Combined, these include information such as usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. These issues do not affect the firewalls, Panorama, Prisma Access, or Cloud NGFW.
| CVE | CVSS | Summary |
|---|---|---|
| CVE-2024-9463 | 9.9 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N) | An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as roo |
GHSA
GHSA-h8v4-hc3c-vf8p (CVE-2024-9467) · [HIGH] · CWE-79
ghsa_unreviewed · 2024-10-09
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
No detection rules found.
No public exploits indexed.
Wiz
Crying Out Cloud - November 2024 Newsletter | Wiz
blogs_wiz · 2024-11-01 · CVSS 7.2 · [HIGH]
Welcome back! This month we’ve seen a lot of action, with both vulnerabilities and security incidents that have left users affected. We bring you the latest cloud security highlights, to help you stay informed and stay secure. Let's dive in.
Here are our top picks!
## 🔍 Highlights
Supply Chain Attack on lottie-player
On October 30, 2024, a supply chain attack was initiated against the popular JavaScript library lottie-player, injecting malicious code that populates a Web3 wallet connection prompt on legitimate websites using the library, potentially targeting prominent cryptocurrency platforms and other high-traffic websites. The compromised versions of lottie-player were later removed from major CDNs and npm, but websites still using compromised versions of the library remain affected.
Wiz
3 Critical CVEs in Palo Alto Networks Expedition | Wiz Blog
blogs_wiz · 2024-10-10 · CVSS 9.9 · CVE-2024-9463 · [CRITICAL]
Palo Alto Networks’ Expedition tool contains multiple critical vulnerabilities (CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, CVE-2024-9467), including OS command injection, SQL injection, cleartext storage of sensitive information, and cross-site scripting (XSS). These issues, with CVSS scores reaching 9.9, expose systems running Expedition to unauthorized access, credential theft, and administrative takeover. Exploitation requires minimal complexity and no user interaction, posing a critical risk to systems unless addressed promptly.
## What are these vulnerabilities?
Expedition is a tool designed to help the migration process of configurations from supported vendors to Palo Alto Networks systems. Expedition allows users to convert configurations from vendors like Checkpo
Bleepingcomputer
Palo Alto Networks warns of firewall hijack bugs with public exploit
blogs_bleepingcomputer · 2024-10-09 · CVSS 9.3 · [CRITICAL]
By Sergiu Gatlan
Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls.
The flaws were found in Palo Alto Networks' Expedition solution, which helps migrate configurations from Checkpoint, Cisco, or other supported vendors.
They can be exploited to access sensitive data, such as user credentials, that can help take over firewall admin accounts.
"Multiple vulnerabilities in Palo Alto Networks Expedition allow an attacker to read Expedition database contents and arbitrary files, as well as write arbitrary files to temporary storage locations on the Expedition system," the company said in an advisory publishe
Published: 2024-10-09