CVE-2024-5910

CVE Database · CVE-2024-5910

CVE-2024-5910

· CRITICALAnalyzed

CVSS v3.1

9.8

CVSS v4.0

9.3

EPSS

91.68%

Published

Jul 10, 2024

Modified

Nov 4, 2025

CISA Known Exploited Vulnerability

Added: 2024-11-07 · Due: 2024-11-28

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Public PoC / Exploit (4)

All weaponized →

Exploit-DBPalo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover NucleiNuclei detection template TrickestTrickest PoC index GitHub PoCp33d/Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-306CWE-306

Affected Products (1)

paloaltonetworks · expedition (up to 1.2.92)vulnerable

References (4)

https://security.paloaltonetworks.com/CVE-2024-5910

Vendor Advisory

https://security.paloaltonetworks.com/CVE-2024-5910

Vendor Advisory

https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise

ExploitThird Party Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5910

US Government Resource

KEV Catalog EPSS Scores Vendors All CVEs