CISA Alert: CVE-2024-5910 - Expedition - Unknown Vendor Vulnerability

[ums91]

Vulnerability Details

• Name: CVE-2024-5910
• CVE ID: CVE-2024-5910
• Vendor: Unknown Vendor
• Product: Expedition
• Description: Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.

Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.

• Date Added: N/A
• Due Date: N/A
• Required Action: N/A
• CWE ID: N/A
• CWE Name: N/A
• Base Score: N/A
• Severity: Unknown

CISA Vulnerability Information

• Date Added to CISA: 2024-11-07
• Notes: https://security.paloaltonetworks.com/CVE-2024-5910 ; https://nvd.nist.gov/vuln/detail/CVE-2024-5910
• Related Products:

Recommended Action

Please review the vulnerability and apply the recommended patches or mitigations.

Source: CISA KEV Catalog

[ums91]

Reviewed the Vulnerability and applied the recommended patches/mitigations/remediation.