Palo Alto Networks Expedition Multiple Vulnerabilities (CVE-2024-9463)

critical Nessus Plugin ID 209281

Synopsis

A firewall solution installed on the remote host is affected by multiple vulnerabilities.

Description

The Palo Alto Networks Expedition installed on the remote host is affected by multiple vulnerabilities, including:

- An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. (CVE-2024-9463)
- An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. (CVE-2024-9464)

- An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system. (CVE-2024-9465)

Solution

Upgrade to Palo Alto Networks Expedition 1.2.96 or later.

See Also

http://www.nessus.org/u?033434d5

Plugin Details

Severity: Critical

ID: 209281

File Name: palo_alto_expedition_CVE-2024-9463.nbin

Version: 1.10

Type: remote

Family: CGI abuses

Published: 10/18/2024

Updated: 11/22/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.7

CVSS v2

Risk Factor: High

Base Score: 9.4

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N

CVSS Score Source: CVE-2024-9465

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 8.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:paloaltonetworks:expedition_migration_tool

Required KB Items: installed_sw/Palo Alto Expedition

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 10/2/2024

Vulnerability Publication Date: 10/9/2024

CISA Known Exploited Vulnerability Due Dates: 12/5/2024

Reference Information

CVE: CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, CVE-2024-9467