CVE-2024-5910 Expedition: Missing Authentication Leads to Admin Account Takeover

2024-07-1018:39:26

CWE-306

palo_alto

www.cve.org

expedition

admin account takeover

missing authentication

cve-2024-5910

palo alto networks

configuration migration

credential risk

CVSS4

9.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:L/VI:H/SI:L/VA:H/SA:L/AU:Y/U:Red/R:U/V:D/RE:M

EPSS

Percentile

9.3%

JSON

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.

Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Expedition",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "changes": [
          {
            "at": "1.2.92",
            "status": "unaffected"
          }
        ],
        "lessThan": "1.2.92",
        "status": "affected",
        "version": "1.2",
        "versionType": "custom"
      }
    ]
  }
]