CVE-2024-9466

Summary

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksExpedition1.2.0 < 1.2.96affected

Weaknesses

  • CWE-532: CWE-532 Insertion of Sensitive Information into Log File

Workarounds

Ensure networks access to Expedition is restricted to authorized users, hosts, or networks.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References