diff --git a/http/cves/2024/CVE-2024-9474.yaml b/http/cves/2024/CVE-2024-9474.yaml
index c48a53c139..60b68c47c7 100644
--- a/http/cves/2024/CVE-2024-9474.yaml
+++ b/http/cves/2024/CVE-2024-9474.yaml
@@ -16,6 +16,8 @@ info:
     epss-percentile: 0.89926
     cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
   metadata:
+    verified: true
+    max-request: 3
     vendor: paloaltonetworks
     product: pan-os
     shodan-query:
@@ -24,6 +26,8 @@ info:
     fofa-query: icon_hash="-631559155"
   tags: cve,cve2024,panos,rce,kev
 
+flow: http(1) && http(2) && http(3)
+
 variables:
   rand: "{{to_lower(rand_text_alpha(5))}}"
 
@@ -38,8 +42,8 @@ http:
       - type: dsl
         dsl:
           - 'status_code == 200'
-          - 'contains_all(headers, "Expires: 0", "PHPSESSID=", "application/json")'
           - 'contains(body, "0.0.0")'
+          - 'contains_all(header, "Expires: 0", "PHPSESSID=", "application/json")'
         condition: and
         internal: true