CVE-2024-9465CISA KEVEPSS p99.9%

CVE-2024-9465Palo Alto Networks Expedition SQL Injection Vulnerability

Palo Alto Networks / Expedition

Description

Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.

Scoring

EPSS99.59% probability of exploitation · percentile 99.9% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2024-11-14

(incoming)1

TypeTargetConfidenceTier
KEVEntryPalo Alto Networks Expedition SQL Injection Vulnerabilitykev-cve-2024-94650%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-0103
CVE
Palo Alto Networks Expedition OS Command Injection Vulnerability
CVE
CVE-2025-0107
CVE
Palo Alto Networks Expedition Missing Authentication Vulnerability
CVE
CVE-2025-0105
CVE
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.