CVE-2018-10143

critical

Description

The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.

References

https://security.paloaltonetworks.com/CVE-2018-10143

https://doddsecurity.com/234/command-injection-on-palo-alto-networks-expedition/

http://www.securityfocus.com/bid/106174

Details

Source: Mitre, NVD

Published: 2018-12-12

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.26747