PatchSiren cyber security CVE debrief
CVE-2024-5910 Palo Alto Networks CVE debrief
CVE-2024-5910 is a missing authentication vulnerability in Palo Alto Networks Expedition. CISA added it to the Known Exploited Vulnerabilities catalog on 2024-11-07, which means it is treated as an exploited issue and should be handled as a high-priority defensive item. The supplied corpus does not include a CVSS score, so remediation urgency should be driven by the KEV listing and vendor guidance.
- Vendor: Palo Alto Networks
- Product: Expedition
- CVSS: Unknown
- CISA KEV: Listed
- Original CVE published: 2024-11-07
- Original CVE updated: 2024-11-07
- Advisory published: 2024-11-07
- Advisory updated: 2024-11-07
Who should care
Administrators and security teams responsible for Palo Alto Networks Expedition deployments, especially teams managing exposed or business-critical instances, as well as incident response teams tracking CISA KEV items.
Technical summary
The vulnerability is described as a missing authentication issue in Palo Alto Networks Expedition. The CISA KEV record identifies Palo Alto Networks as the vendor, Expedition as the product, and sets a remediation due date of 2024-11-28. No CVSS score is provided in the supplied source data.
Defensive priority
Urgent. Because CVE-2024-5910 is listed in CISA’s Known Exploited Vulnerabilities catalog, it should be prioritized ahead of routine maintenance. Follow vendor mitigations promptly; if mitigations are unavailable, CISA’s guidance is to discontinue use of the product.
Recommended defensive actions
- Identify all Palo Alto Networks Expedition instances in your environment, including test and forgotten deployments.
- Apply mitigations per Palo Alto Networks’ vendor instructions referenced by CISA as soon as possible.
- If mitigations are unavailable or cannot be applied safely, discontinue use of the product per CISA guidance.
- Prioritize remediation before the CISA KEV due date of 2024-11-28.
- Review relevant access and administrative activity on affected systems for signs of unauthorized use.
- Validate that asset inventory, patch tracking, and exception handling are updated to reflect the KEV status.
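The inventory and due-date steps above can be checked mechanically. The following Python sketch is an added example, not code from PatchSiren, CISA or Palo Alto Networks: it matches a KEV entry against an asset inventory and reports which assets are still open or overdue. The KEV record uses the field names of the public KEV JSON feed with the values stated on this page; the inventory rows, host names and status values are constructed assumptions.

```python
import json
from datetime import date

# Constructed sample in the shape of the CISA KEV JSON feed; values are those stated on this page.
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [{
  "cveID": "CVE-2024-5910",
  "vendorProject": "Palo Alto Networks",
  "product": "Expedition",
  "dateAdded": "2024-11-07",
  "dueDate": "2024-11-28",
  "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable."
}]}
""")

# Constructed inventory rows (hypothetical hosts and status values), including
# a lab copy with inconsistent spelling and a product that must not match.
INVENTORY = [
    {"host": "exp-prod-01", "vendor": "Palo Alto Networks", "product": "Expedition", "status": "unmitigated"},
    {"host": "exp-lab-02", "vendor": "palo alto networks", "product": "expedition ", "status": "mitigated"},
    {"host": "exp-old-03", "vendor": "Palo Alto Networks", "product": "Expedition", "status": "decommissioned"},
    {"host": "fw-edge-01", "vendor": "Palo Alto Networks", "product": "PAN-OS", "status": "unmitigated"},
]

CLOSED = {"mitigated", "decommissioned"}  # states that satisfy the KEV required action


def _norm(text):
    """Case- and whitespace-insensitive key so inventory spelling drift still matches."""
    return " ".join(text.lower().split())


def kev_findings(catalog, inventory, today):
    """Return one finding per inventory asset whose vendor/product matches a KEV entry."""
    findings = []
    for vuln in catalog["vulnerabilities"]:
        key = (_norm(vuln["vendorProject"]), _norm(vuln["product"]))
        due = date.fromisoformat(vuln["dueDate"])
        for asset in inventory:
            if (_norm(asset["vendor"]), _norm(asset["product"])) != key:
                continue
            if asset["status"] in CLOSED:
                state = "closed"
            else:
                state = "overdue" if today > due else "open"
            findings.append({"cve": vuln["cveID"], "host": asset["host"], "state": state,
                             "days_left": (due - today).days, "action": vuln["requiredAction"]})
    return findings


if __name__ == "__main__":
    for f in kev_findings(KEV_SAMPLE, INVENTORY, date(2024, 11, 20)):
        print(f"{f['host']:12} {f['cve']} {f['state']:8} days_left={f['days_left']}")
```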
Evidence notes
Source evidence is limited to official records and the CISA KEV entry. The CISA KEV JSON lists Palo Alto Networks as the vendor, Expedition as the product, and includes dateAdded 2024-11-07 and dueDate 2024-11-28, with the remediation note: apply mitigations per vendor instructions or discontinue use if mitigations are unavailable. The CVE.org and NVD links confirm the record exists. The supplied corpus does not include a CVSS score or additional technical detail beyond the missing authentication description.
Official resources
- CVE-2024-5910 CVE record (CVE.org)
- CVE-2024-5910 NVD detail (NVD)
- CISA Known Exploited Vulnerabilities catalog (CISA): Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Source item URL: cisa_kev
Publicly disclosed in the supplied records on 2024-11-07 and added to CISA’s KEV catalog the same day; CISA remediation due date is 2024-11-28.