Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.
Solution:
Workaround:
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
| Link | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-5910 | vendor advisory |
| https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise | exploit third party advisory |