Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Moderate

CVE-2024-5910

Disclosure Date: July 10, 2024 (last updated November 09, 2024)
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.
Attacker Value
Low

CVE-2024-9464

Disclosure Date: October 09, 2024 (last updated October 16, 2024)
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.