CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

paloaltonetworks

expedition_migration_tool

3 known vulnerabilities · sorted by CVSS score

CVE-2020-1977

HIGH7.5

Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions.

paloaltonetworks / expedition_migration_tool

Network

Published Feb 12, 2020

CVE-2019-1567

MEDIUM5.4

The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings.

paloaltonetworks / expedition_migration_tool

Network

Published Apr 9, 2019

CVE-2019-1574

MEDIUM5.4

Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View.

paloaltonetworks / expedition_migration_tool

Network

Published Apr 12, 2019