From dc6eaca4be2912e58079049a70447a0704bf2f3b Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Thu, 10 Oct 2024 17:33:44 +0400
Subject: [PATCH] Update CVE-2024-9465.yaml

---
 http/cves/2024/CVE-2024-9465.yaml | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/http/cves/2024/CVE-2024-9465.yaml b/http/cves/2024/CVE-2024-9465.yaml
index 3f859c3aab..72245e273d 100644
--- a/http/cves/2024/CVE-2024-9465.yaml
+++ b/http/cves/2024/CVE-2024-9465.yaml
@@ -3,7 +3,7 @@ id: CVE-2024-9465
 info:
   name: Palo Alto Expedition - SQL Injection
   author: DhiyaneshDK
-  severity: medium
+  severity: high
   description: |
     An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
   reference:
@@ -11,6 +11,13 @@ info:
     - https://github.com/horizon3ai/CVE-2024-9465/tree/main
     - https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
     - https://nvd.nist.gov/vuln/detail/CVE-2024-9465
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
+    cvss-score: 8.2
+    cve-id: CVE-2024-9465
+    cwe-id: CWE-89
+    epss-score: 0.00043
+    epss-percentile: 0.09688
   metadata:
     verified: true
     max-request: 2
@@ -53,5 +60,3 @@ http:
           - 'duration>=6'
           - 'status_code == 200'
         condition: and
-
-# digest: 4a0a00473045022100819d31ec650b5b6b619fe56b95703da3c582fdd58158b549c2723067861091af02205ce65575c554713510fcdbae984b55e91bfa5b0817bf2f1e2d53b8330eb4e91a:922c64590222798bb761d5b6d8e72950
\ No newline at end of file