CVE-2025-0103: SQL Injection in Palo Alto Networks Expedition

CWE-89: SQL Injection (3 documents, 3 sources)
Severity: 9.2 CRITICAL (NVD)
EPSS: 0.5% (top 36.12%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 11

Description

An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N

Affected Packages (2 packages)

CVEListV5: palo_alto_networks/expedition11.2.100

Vulnerability Details (2)

GHSA, 2025-01-11: GHSA-cv6f-rw49-r829: An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as pass
CVEList, 2025-01-11: Expedition: SQL Injection Vulnerability