Palo Alto Expedition up to 1.2.95 log file

Summaryinfo

A vulnerability identified as problematic has been detected in Palo Alto Expedition up to 1.2.95. This affects an unknown part. Performing a manipulation results in log file. This vulnerability is reported as CVE-2024-9466. The attack requires a local approach. No exploit exists. You should upgrade the affected component.

Detailsinfo

A vulnerability was found in Palo Alto Expedition up to 1.2.95. It has been classified as problematic. This affects some unknown functionality. The manipulation with an unknown input leads to a log file vulnerability. CWE is classifying the issue as CWE-532. Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. This is going to have an impact on confidentiality. The summary by CVE is:

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.

The advisory is shared at security.paloaltonetworks.com. This vulnerability is uniquely identified as CVE-2024-9466 since 10/03/2024. The exploitability is told to be easy. An attack has to be approached locally. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1592 for this issue.

Upgrading to version 1.2.96 eliminates this vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Vendor

• Palo Alto

Name

• Expedition

Version

• 1.2.0
• 1.2.1
• 1.2.2
• 1.2.3
• 1.2.4
• 1.2.5
• 1.2.6
• 1.2.7
• 1.2.8
• 1.2.9
• 1.2.10
• 1.2.11
• 1.2.12
• 1.2.13
• 1.2.14
• 1.2.15
• 1.2.16
• 1.2.17
• 1.2.18
• 1.2.19
• 1.2.20
• 1.2.21
• 1.2.22
• 1.2.23
• 1.2.24
• 1.2.25
• 1.2.26
• 1.2.27
• 1.2.28
• 1.2.29
• 1.2.30
• 1.2.31
• 1.2.32
• 1.2.33
• 1.2.34
• 1.2.35
• 1.2.36
• 1.2.37
• 1.2.38
• 1.2.39
• 1.2.40
• 1.2.41
• 1.2.42
• 1.2.43
• 1.2.44
• 1.2.45
• 1.2.46
• 1.2.47
• 1.2.48
• 1.2.49
• 1.2.50
• 1.2.51
• 1.2.52
• 1.2.53
• 1.2.54
• 1.2.55
• 1.2.56
• 1.2.57
• 1.2.58
• 1.2.59
• 1.2.60
• 1.2.61
• 1.2.62
• 1.2.63
• 1.2.64
• 1.2.65
• 1.2.66
• 1.2.67
• 1.2.68
• 1.2.69
• 1.2.70
• 1.2.71
• 1.2.72
• 1.2.73
• 1.2.74
• 1.2.75
• 1.2.76
• 1.2.77
• 1.2.78
• 1.2.79
• 1.2.80
• 1.2.81
• 1.2.82
• 1.2.83
• 1.2.84
• 1.2.85
• 1.2.86
• 1.2.87
• 1.2.88
• 1.2.89
• 1.2.90
• 1.2.91
• 1.2.92
• 1.2.93
• 1.2.94
• 1.2.95

License

• commercial

Website

• Vendor: https://www.paloaltonetworks.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion