Update CVE-2024-9463.yaml

2024-10-10 17:25:52 +04:00 · 2024-10-10 17:25:52 +04:00 · aaffed7b85
parent f771a2001c
commit aaffed7b85
1 changed files with 11 additions and 3 deletions
--- a/http/cves/2024/CVE-2024-9463.yaml
+++ b/http/cves/2024/CVE-2024-9463.yaml
@ -5,7 +5,7 @@ info:
  author: princechaddha
  severity: critical
  description: |
-    Palo Alto Networks devices are vulnerable to Remote Code Execution (RCE) via CVE-2024-9463.
+    An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
  impact: |
    Successful exploitation could result in unauthorized access and control of the affected device.
  remediation: |
@ -14,13 +14,21 @@ info:
    - https://x.com/watchtowrcyber/status/1844306954245767623
    - https://security.paloaltonetworks.com/PAN-SA-2024-0010
    - https://github.com/fkie-cad/nvd-json-data-feeds
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-9463
+  classification:
+    cvss-metrics: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/S
+    cvss-score: 9.9
+    cve-id: CVE-2024-9463
+    cwe-id: CWE-78
+    epss-score: 0.00043
+    epss-percentile: 0.10347
  metadata:
    verified: true
-    max-request: 2
+    max-request: 1
    vendor: paloaltonetworks
    product: expedition
    shodan-query: http.favicon.hash:1499876150
-  tags: cve,cve2024,palo-alto,rce,unauth
+  tags: cve,cve2024,palo-alto,rce

 http:
  - raw: