Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks expedition migration tool vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-1977
Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated malicious users to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Too...
Paloaltonetworks Expedition Migration Tool
3.5
CVSSv2
CVE-2019-1567
The Expedition Migration tool 1.1.6 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the User Mapping Settings.
Paloaltonetworks Expedition Migration Tool
3.5
CVSSv2
CVE-2019-1574
Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the Devices View.
Paloaltonetworks Expedition Migration Tool
3.5
CVSSv2
CVE-2019-1570
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the LDAP server settings.
Paloaltonetworks Expedition
3.5
CVSSv2
CVE-2019-1569
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
Paloaltonetworks Expedition
3.5
CVSSv2
CVE-2019-1571
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the RADIUS server settings.
Paloaltonetworks Expedition
5
CVSSv2
CVE-2018-10142
The Expedition Migration tool 1.0.106 and previous versions may allow an unauthenticated malicious user to enumerate files on the operating system.
Paloaltonetworks Expedition 1.0.106
10
CVSSv2
CVE-2018-10143
The Palo Alto Networks Expedition Migration tool 1.0.107 and previous versions may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
Paloaltonetworks Expedition 1.0.107
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started