Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks expedition vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2019-1569
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
Paloaltonetworks Expedition
6.5
CVSSv3
CVE-2024-9464
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated malicious user to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewa...
Paloaltonetworks Expedition
1 Metasploit module
1 Github repository
4 Articles
6.5
CVSSv3
CVE-2024-9466
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated malicious user to reveal firewall usernames, passwords, and API keys generated using those credentials.
Paloaltonetworks Expedition
1 Github repository
1 Article
6.1
CVSSv3
CVE-2024-9467
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser sess...
Paloaltonetworks Expedition
1 Article
9.8
CVSSv3
CVE-2024-5910
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration se...
Paloaltonetworks Expedition
1 Metasploit module
1 Github repository
6 Articles
4.8
CVSSv3
CVE-2019-1570
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the LDAP server settings.
Paloaltonetworks Expedition
4.8
CVSSv3
CVE-2019-1571
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the RADIUS server settings.
Paloaltonetworks Expedition
7.5
CVSSv3
CVE-2024-9463
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated malicious user to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS fire...
Paloaltonetworks Expedition
3 Articles
9.1
CVSSv3
CVE-2024-9465
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated malicious user to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary...
Paloaltonetworks Expedition
3 Github repositories
3 Articles
7.5
CVSSv3
CVE-2018-10142
The Expedition Migration tool 1.0.106 and previous versions may allow an unauthenticated malicious user to enumerate files on the operating system.
Paloaltonetworks Expedition 1.0.106
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
local
IMAP
CVE-2024-8504
CVE-2024-42327
CVE-2024-11904
CVE-2024-47107
CVE-2024-53143
XML injection
CVE-2024-54750
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »