Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Expedition Migration Tool by Palo Alto Networks

    CVE-2019-1574 (GCVE-0-2019-1574)

    Vulnerability from nvd – Published: 2019-04-12 16:57 – Updated: 2024-08-04 18:20
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    Impacted products
    Date Public
    2019-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:20:28.244Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "107900",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107900"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.paloaltonetworks.com/CVE-2019-1574"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Expedition Migration Tool",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1.12 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-17T16:03:48.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "107900",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107900"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2019-1574"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2019-1574",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Expedition Migration Tool",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.1.12 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto Networks"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "107900",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107900"
                },
                {
                  "name": "https://security.paloaltonetworks.com/CVE-2019-1574",
                  "refsource": "CONFIRM",
                  "url": "https://security.paloaltonetworks.com/CVE-2019-1574"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2019-1574",
        "datePublished": "2019-04-12T16:57:14.000Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:20:28.244Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1574 (GCVE-0-2019-1574)

    Vulnerability from cvelistv5 – Published: 2019-04-12 16:57 – Updated: 2024-08-04 18:20
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    Impacted products
    Date Public
    2019-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:20:28.244Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "107900",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107900"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.paloaltonetworks.com/CVE-2019-1574"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Expedition Migration Tool",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1.12 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-17T16:03:48.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "107900",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107900"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2019-1574"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2019-1574",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Expedition Migration Tool",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.1.12 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto Networks"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "107900",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107900"
                },
                {
                  "name": "https://security.paloaltonetworks.com/CVE-2019-1574",
                  "refsource": "CONFIRM",
                  "url": "https://security.paloaltonetworks.com/CVE-2019-1574"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2019-1574",
        "datePublished": "2019-04-12T16:57:14.000Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:20:28.244Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }