Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for Palo Alto Networks Expedition Migration Tool by Palo Alto

    CVE-2019-1571 (GCVE-0-2019-1571)

    Vulnerability from nvd – Published: 2019-03-26 22:08 – Updated: 2024-08-04 18:20
    VLAI
    Summary
    The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Palo Alto Networks Expedition Migration Tool Affected: Expedition 1.1.8 and earlier
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:20:27.865Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-13"
              },
              {
                "name": "107564",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107564"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition Migration Tool",
              "vendor": "Palo Alto",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.1.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-26T22:09:16.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-13"
            },
            {
              "name": "107564",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107564"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2019-1571",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition Migration Tool",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.1.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
                  "refsource": "CONFIRM",
                  "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-13",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-13"
                },
                {
                  "name": "107564",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107564"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2019-1571",
        "datePublished": "2019-03-26T22:08:44.000Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:20:27.865Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1570 (GCVE-0-2019-1570)

    Vulnerability from nvd – Published: 2019-03-26 21:46 – Updated: 2024-08-04 18:20
    VLAI
    Summary
    The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Palo Alto Networks Expedition Migration Tool Affected: Expedition 1.1.8 and earlier
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:20:28.253Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-13"
              },
              {
                "name": "107564",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107564"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition Migration Tool",
              "vendor": "Palo Alto",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.1.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-26T21:51:10.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-13"
            },
            {
              "name": "107564",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107564"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2019-1570",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition Migration Tool",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.1.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
                  "refsource": "CONFIRM",
                  "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-13",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-13"
                },
                {
                  "name": "107564",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107564"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2019-1570",
        "datePublished": "2019-03-26T21:46:42.000Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:20:28.253Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1569 (GCVE-0-2019-1569)

    Vulnerability from nvd – Published: 2019-03-26 21:44 – Updated: 2024-08-04 18:20
    VLAI
    Summary
    The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Palo Alto Networks Expedition Migration Tool Affected: Expedition 1.1.8 and earlier
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:20:27.788Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-13"
              },
              {
                "name": "107564",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107564"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition Migration Tool",
              "vendor": "Palo Alto",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.1.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-26T21:50:25.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-13"
            },
            {
              "name": "107564",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107564"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2019-1569",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition Migration Tool",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.1.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-13",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-13"
                },
                {
                  "name": "107564",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107564"
                },
                {
                  "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
                  "refsource": "MISC",
                  "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2019-1569",
        "datePublished": "2019-03-26T21:44:41.000Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:20:27.788Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1571 (GCVE-0-2019-1571)

    Vulnerability from cvelistv5 – Published: 2019-03-26 22:08 – Updated: 2024-08-04 18:20
    VLAI
    Summary
    The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Palo Alto Networks Expedition Migration Tool Affected: Expedition 1.1.8 and earlier
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:20:27.865Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-13"
              },
              {
                "name": "107564",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107564"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition Migration Tool",
              "vendor": "Palo Alto",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.1.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-26T22:09:16.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-13"
            },
            {
              "name": "107564",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107564"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2019-1571",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition Migration Tool",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.1.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
                  "refsource": "CONFIRM",
                  "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-13",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-13"
                },
                {
                  "name": "107564",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107564"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2019-1571",
        "datePublished": "2019-03-26T22:08:44.000Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:20:27.865Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1570 (GCVE-0-2019-1570)

    Vulnerability from cvelistv5 – Published: 2019-03-26 21:46 – Updated: 2024-08-04 18:20
    VLAI
    Summary
    The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Palo Alto Networks Expedition Migration Tool Affected: Expedition 1.1.8 and earlier
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:20:28.253Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-13"
              },
              {
                "name": "107564",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107564"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition Migration Tool",
              "vendor": "Palo Alto",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.1.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-26T21:51:10.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-13"
            },
            {
              "name": "107564",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107564"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2019-1570",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition Migration Tool",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.1.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
                  "refsource": "CONFIRM",
                  "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-13",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-13"
                },
                {
                  "name": "107564",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107564"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2019-1570",
        "datePublished": "2019-03-26T21:46:42.000Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:20:28.253Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1569 (GCVE-0-2019-1569)

    Vulnerability from cvelistv5 – Published: 2019-03-26 21:44 – Updated: 2024-08-04 18:20
    VLAI
    Summary
    The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Palo Alto Networks Expedition Migration Tool Affected: Expedition 1.1.8 and earlier
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:20:27.788Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-13"
              },
              {
                "name": "107564",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107564"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Palo Alto Networks Expedition Migration Tool",
              "vendor": "Palo Alto",
              "versions": [
                {
                  "status": "affected",
                  "version": "Expedition 1.1.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-26T21:50:25.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-13"
            },
            {
              "name": "107564",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107564"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "ID": "CVE-2019-1569",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Palo Alto Networks Expedition Migration Tool",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Expedition 1.1.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Palo Alto"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-13",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-13"
                },
                {
                  "name": "107564",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107564"
                },
                {
                  "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
                  "refsource": "MISC",
                  "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2019-1569",
        "datePublished": "2019-03-26T21:44:41.000Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:20:27.788Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }