COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Expedition product

3
failure events
0
zero-days
1
RCEs
3
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2024-11-14 CVE-2024-9463 high ⚡RCE ⌖KEV 65 Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS
2024-11-14 CVE-2024-9465 high ⌖KEV 50 Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbit
2024-11-07 CVE-2024-5910 high ⌖KEV 50 Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially access configuration secrets, credentials, and other data.