Palo Alto Expedition Exposed: Critical Vulnerabilities Threaten Network Security
On July 10, 2024, a critical vulnerability identified as CVE-2024-5910 was disclosed by Palo Alto Networks affecting their Expedition application, which is used to migrate network device configurations to Palo Alto Networks. This vulnerability could allow attackers to remotely reset administrator credentials if they had network access. Further investigation uncovered additional vulnerabilities, including CVE-2024-9464, which enabled command execution on the server to retrieve credentials, CVE-2024-9465, an unauthenticated SQL injection, and CVE-2024-9466, where credentials were logged in plaintext. These security flaws posed a significant risk as they allowed attackers to access sensitive information without needing an account. At the time of the report, 23 publicly accessible Expedition servers were found online, highlighting the urgency for patching these vulnerabilities to protect the data stored on the servers. In summary, multiple critical vulnerabilities were found in Palo Alto Networks' Expedition application, including one that allowed attackers to reset admin credentials and others that enabled unauthorized access to sensitive information. The discovery of these flaws underscores the importance of promptly patching such vulnerabilities to safeguard network security. CVEs: CVE-2024-5910, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466 [View Article](https://securityexpress.info/palo-alto-expedition-exposed-critical-vulnerabilities-threaten-network-security/)