Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Palo Alto Networks Expedition by Palo Alto Networks

    CVE-2018-10143 (GCVE-0-2018-10143)

    Vulnerability from nvd – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:32
    VLAI
    Summary
    The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Palo Alto Networks Expedition Affected: Expedition 1.0.107 and earlier
    Create a notification for this product.
    Date Public
    2018-12-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:32:01.467Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106174",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106174"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.paloaltonetworks.com/CVE-2018-10143"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.0.107 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-12-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-17T16:03:46.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "106174",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106174"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2018-10143"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2018-10143",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.0.107 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto Networks"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106174",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106174"
                },
                {
                  "name": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/",
                  "refsource": "MISC",
                  "url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
                },
                {
                  "name": "https://security.paloaltonetworks.com/CVE-2018-10143",
                  "refsource": "CONFIRM",
                  "url": "https://security.paloaltonetworks.com/CVE-2018-10143"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2018-10143",
        "datePublished": "2018-12-12T00:00:00.000Z",
        "dateReserved": "2018-04-16T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:32:01.467Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-10142 (GCVE-0-2018-10142)

    Vulnerability from nvd – Published: 2018-11-27 21:00 – Updated: 2024-08-05 07:32
    VLAI
    Summary
    The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Palo Alto Networks Expedition Affected: Expedition 1.0.106 and earlier
    Create a notification for this product.
    Date Public
    2018-11-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:32:01.490Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106069"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.paloaltonetworks.com/CVE-2018-10142"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.0.106 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-11-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-17T16:03:46.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "106069",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106069"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2018-10142"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2018-10142",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.0.106 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto Networks"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106069",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106069"
                },
                {
                  "name": "https://security.paloaltonetworks.com/CVE-2018-10142",
                  "refsource": "CONFIRM",
                  "url": "https://security.paloaltonetworks.com/CVE-2018-10142"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2018-10142",
        "datePublished": "2018-11-27T21:00:00.000Z",
        "dateReserved": "2018-04-16T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:32:01.490Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-10143 (GCVE-0-2018-10143)

    Vulnerability from cvelistv5 – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:32
    VLAI
    Summary
    The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Palo Alto Networks Expedition Affected: Expedition 1.0.107 and earlier
    Create a notification for this product.
    Date Public
    2018-12-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:32:01.467Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106174",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106174"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.paloaltonetworks.com/CVE-2018-10143"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.0.107 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-12-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-17T16:03:46.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "106174",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106174"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2018-10143"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2018-10143",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.0.107 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto Networks"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106174",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106174"
                },
                {
                  "name": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/",
                  "refsource": "MISC",
                  "url": "https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/"
                },
                {
                  "name": "https://security.paloaltonetworks.com/CVE-2018-10143",
                  "refsource": "CONFIRM",
                  "url": "https://security.paloaltonetworks.com/CVE-2018-10143"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2018-10143",
        "datePublished": "2018-12-12T00:00:00.000Z",
        "dateReserved": "2018-04-16T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:32:01.467Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-10142 (GCVE-0-2018-10142)

    Vulnerability from cvelistv5 – Published: 2018-11-27 21:00 – Updated: 2024-08-05 07:32
    VLAI
    Summary
    The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Palo Alto Networks Expedition Affected: Expedition 1.0.106 and earlier
    Create a notification for this product.
    Date Public
    2018-11-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:32:01.490Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106069"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.paloaltonetworks.com/CVE-2018-10142"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.0.106 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-11-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-17T16:03:46.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "106069",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106069"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2018-10142"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2018-10142",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.0.106 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto Networks"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106069",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106069"
                },
                {
                  "name": "https://security.paloaltonetworks.com/CVE-2018-10142",
                  "refsource": "CONFIRM",
                  "url": "https://security.paloaltonetworks.com/CVE-2018-10142"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2018-10142",
        "datePublished": "2018-11-27T21:00:00.000Z",
        "dateReserved": "2018-04-16T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:32:01.490Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }