Search criteria
6 vulnerabilities found for Palo Alto Networks Expedition Migration Tool by Palo Alto
CVE-2019-1571 (GCVE-0-2019-1571)
Vulnerability from nvd – Published: 2019-03-26 22:08 – Updated: 2024-08-04 18:20
VLAI
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://securityadvisories.paloaltonetworks.com/H… | x_refsource_CONFIRM |
| https://www.tenable.com/security/research/tra-2019-13 | x_refsource_MISC |
| http://www.securityfocus.com/bid/107564 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool |
Affected:
Expedition 1.1.8 and earlier
|
Date Public
2019-03-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T22:09:16.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1571",
"datePublished": "2019-03-26T22:08:44.000Z",
"dateReserved": "2018-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T18:20:27.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1570 (GCVE-0-2019-1570)
Vulnerability from nvd – Published: 2019-03-26 21:46 – Updated: 2024-08-04 18:20
VLAI
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://securityadvisories.paloaltonetworks.com/H… | x_refsource_CONFIRM |
| https://www.tenable.com/security/research/tra-2019-13 | x_refsource_MISC |
| http://www.securityfocus.com/bid/107564 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool |
Affected:
Expedition 1.1.8 and earlier
|
Date Public
2019-03-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T21:51:10.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1570",
"datePublished": "2019-03-26T21:46:42.000Z",
"dateReserved": "2018-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T18:20:28.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1569 (GCVE-0-2019-1569)
Vulnerability from nvd – Published: 2019-03-26 21:44 – Updated: 2024-08-04 18:20
VLAI
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2019-13 | x_refsource_MISC |
| http://www.securityfocus.com/bid/107564 | vdb-entryx_refsource_BID |
| https://securityadvisories.paloaltonetworks.com/H… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool |
Affected:
Expedition 1.1.8 and earlier
|
Date Public
2019-03-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T21:50:25.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
},
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "MISC",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1569",
"datePublished": "2019-03-26T21:44:41.000Z",
"dateReserved": "2018-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T18:20:27.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1571 (GCVE-0-2019-1571)
Vulnerability from cvelistv5 – Published: 2019-03-26 22:08 – Updated: 2024-08-04 18:20
VLAI
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://securityadvisories.paloaltonetworks.com/H… | x_refsource_CONFIRM |
| https://www.tenable.com/security/research/tra-2019-13 | x_refsource_MISC |
| http://www.securityfocus.com/bid/107564 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool |
Affected:
Expedition 1.1.8 and earlier
|
Date Public
2019-03-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T22:09:16.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1571",
"datePublished": "2019-03-26T22:08:44.000Z",
"dateReserved": "2018-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T18:20:27.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1570 (GCVE-0-2019-1570)
Vulnerability from cvelistv5 – Published: 2019-03-26 21:46 – Updated: 2024-08-04 18:20
VLAI
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://securityadvisories.paloaltonetworks.com/H… | x_refsource_CONFIRM |
| https://www.tenable.com/security/research/tra-2019-13 | x_refsource_MISC |
| http://www.securityfocus.com/bid/107564 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool |
Affected:
Expedition 1.1.8 and earlier
|
Date Public
2019-03-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T21:51:10.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
},
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1570",
"datePublished": "2019-03-26T21:46:42.000Z",
"dateReserved": "2018-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T18:20:28.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1569 (GCVE-0-2019-1569)
Vulnerability from cvelistv5 – Published: 2019-03-26 21:44 – Updated: 2024-08-04 18:20
VLAI
Summary
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2019-13 | x_refsource_MISC |
| http://www.securityfocus.com/bid/107564 | vdb-entryx_refsource_BID |
| https://securityadvisories.paloaltonetworks.com/H… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto | Palo Alto Networks Expedition Migration Tool |
Affected:
Expedition 1.1.8 and earlier
|
Date Public
2019-03-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Palo Alto Networks Expedition Migration Tool",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "Expedition 1.1.8 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T21:50:25.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107564"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"ID": "CVE-2019-1569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Palo Alto"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2019-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-13"
},
{
"name": "107564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107564"
},
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142",
"refsource": "MISC",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2019-1569",
"datePublished": "2019-03-26T21:44:41.000Z",
"dateReserved": "2018-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T18:20:27.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}