CVE-2024-9466

Medium

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal…

palo_alto·CWE-532·Published 2024-10-09

CVSS

6.5

EPSS

0.11

KEV

Exploits

cve.orgen

213 chars

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.

NVDen

213 chars

NVDes

245 chars

Una vulnerabilidad de almacenamiento de texto plano de información confidencial en Palo Alto Networks Expedition permite a un atacante autenticado revelar nombres de usuario, contraseñas y claves API del firewall generadas con esas credenciales.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0	Primary	cve.org	8.2	—	—	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber