Unrated severityCISA KEVNVD Advisory· Published Jul 10, 2024· Updated Oct 21, 2025

Expedition: Missing Authentication Leads to Admin Account Takeover

CVE-2024-5910

Description

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.

Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.

Affected products

Palo Alto Networks/Expeditionv5
Range: 1.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.paloaltonetworks.com/CVE-2024-5910mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.073
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000