mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
136 lines
5.6 KiB
JSON
136 lines
5.6 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-9466",
|
|
"ASSIGNER": "psirt@paloaltonetworks.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-532 Insertion of Sensitive Information into Log File",
|
|
"cweId": "CWE-532"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Palo Alto Networks",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Expedition",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"changes": [
|
|
{
|
|
"at": "1.2.96",
|
|
"status": "unaffected"
|
|
}
|
|
],
|
|
"lessThan": "1.2.96",
|
|
"status": "affected",
|
|
"version": "1.2.0",
|
|
"versionType": "custom"
|
|
}
|
|
],
|
|
"defaultStatus": "unaffected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010",
|
|
"refsource": "MISC",
|
|
"name": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
|
|
},
|
|
{
|
|
"url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.1.0-dev"
|
|
},
|
|
"source": {
|
|
"discovery": "EXTERNAL"
|
|
},
|
|
"work_around": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
|
|
}
|
|
],
|
|
"value": "Ensure networks access to Expedition is restricted to authorized users, hosts, or networks."
|
|
}
|
|
],
|
|
"exploit": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
|
|
}
|
|
],
|
|
"value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
|
|
}
|
|
],
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.<br><br>The affected cleartext file will be removed automatically during the upgrade.<br><br>All Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.<br><br>All firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
|
|
}
|
|
],
|
|
"value": "The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nThe affected cleartext file will be removed automatically during the upgrade.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating."
|
|
}
|
|
],
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Zach Hanley (@hacks_zach) of Horizon3.ai"
|
|
}
|
|
]
|
|
} |