← Back to CVEs
CVE-2024-9465
CRITICALCISA KEV9.1
Description
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
CVE Details
CVSS v3.1 Score9.1
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published10/9/2024
Last Modified11/4/2025
Sourcekev
Honeypot Sightings0
CISA KEV
VendorPalo Alto Networks
ProductExpedition
Vulnerability NamePalo Alto Networks Expedition SQL Injection Vulnerability
KEV Date Added2024-11-14
Remediation Due Date2024-12-05
Ransomware UseUnknown
Affected Products
paloaltonetworks:expedition
Weaknesses (CWE)
CWE-89CWE-89
References
https://security.paloaltonetworks.com/PAN-SA-2024-0010(psirt@paloaltonetworks.com)
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/(psirt@paloaltonetworks.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9465(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.