The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/106174 | Third Party Advisory VDB Entry |
https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/ | Exploit Third Party Advisory |
https://security.paloaltonetworks.com/CVE-2018-10143 |
Configurations
History
No history.
Information
Published : 2018-12-12 00:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-10143
Mitre link : CVE-2018-10143
CVE.ORG link : CVE-2018-10143
JSON object : View
Products Affected
paloaltonetworks
- expedition
CWE
CWE-269
Improper Privilege Management