CVE-2024-5910 Expedition: Missing Authentication Leads to Admin Account Takeover

Urgency: HIGHEST
Response Effort: MODERATE
Recovery: USER
Value Density: DIFFUSE
Attack Vector: NETWORK
Attack Complexity: LOW
Attack Requirements: NONE
Automatable: YES
User Interaction: NONE
Product Confidentiality: HIGH
Product Integrity: HIGH
Product Availability: HIGH
Privileges Required: NONE
Subsequent Confidentiality: LOW
Subsequent Integrity: LOW
Subsequent Availability: LOW

Published: 2024-07-10
Updated: 2024-07-10
Reference:
Discovered: externally

Description

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover.

Note: Expedition is a non-essential service aiding in configuration migration and is not something that offers any critical functionality.

Product Status

Versions          Affected    Unaffected
Expedition 1.2    < 1.2.92    >= 1.2.92

Severity: CRITICAL

CVSSv4.0 Base Score: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/AU:Y/R:U/V:D/RE:M/U:Red)

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Weakness Type

CWE-306 Missing Authentication for Critical Function

Solution

This issue is fixed in Expedition 1.2.92 and all later versions.

Acknowledgments

Palo Alto Networks thanks Brian Hysell (Synopsys CyRC) for discovering and reporting this issue.

Timeline

2024-07-10: Initial publication
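
To apply the Product Status ranges above to an asset inventory, the following added example (not part of the advisory and not Palo Alto Networks code) classifies reported Expedition versions against the 1.2.92 fix boundary. The host names, the sample versions and the `classify`/`triage` helpers are hypothetical; versions outside the 1.2 branch are reported as not listed because the advisory gives no status for them.

```python
import re

# Values taken from the advisory's Product Status table.
AFFECTED_BRANCH = (1, 2)   # "Expedition 1.2"
FIRST_FIXED = (1, 2, 92)   # "< 1.2.92" affected, ">= 1.2.92" unaffected

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")


def classify(version):
    """Return 'affected', 'unaffected', 'not-listed' or 'unparseable'."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        return "unparseable"   # needs a manual look; never assume it is safe
    parts = tuple(int(p) for p in m.groups())
    if parts[:2] != AFFECTED_BRANCH:
        return "not-listed"    # the advisory only gives status for 1.2
    # Compare as integer tuples: as strings, "1.2.100" sorts below "1.2.92".
    return "affected" if parts < FIRST_FIXED else "unaffected"


def triage(inventory):
    """Group hosts by status; inventory maps host name -> reported version."""
    report = {}
    for host, version in sorted(inventory.items()):
        report.setdefault(classify(version), []).append(host)
    return report


# Constructed sample inventory (hypothetical host names and versions).
SAMPLE_INVENTORY = {
    "exp-lab-01": "1.2.91",
    "exp-lab-02": "1.2.92",
    "exp-lab-03": "1.2.100",
    "exp-lab-04": "1.2.9",
    "exp-lab-05": "1.1.30",
    "exp-lab-06": "unknown",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:12} {', '.join(hosts)}")
```

Hosts reported as `unparseable` or `not-listed` need manual review rather than being counted as unaffected.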