CVE-2024-9466

Sažetak

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.

Reference

https://security.paloaltonetworks.com/PAN-SA-2024-0010
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

CVSS

Base:	6.5
Impact:	3.6
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	NONE	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Zadnje važnije ažuriranje

17-10-2024 - 06:15

Objavljeno

09-10-2024 - 17:15