cve-2024-20350
Vulnerability from cvelistv5
Published
2024-09-25 16:19
Modified
2024-09-27 03:55
Summary
Cisco Catalyst Center Static SSH Host Key Vulnerability
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:cisco:digital_network_architecture_center:1.4.0.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.1.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.1.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.1.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.6:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.7:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.1.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.7:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.6:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.8:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.8:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1-airgap-ca:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.1-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.6:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.9:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3-airgap-ca:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-hf1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.5-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.3-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.6.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-70045-hf1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72328-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72323:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72328-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.6.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-va:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:1.0.0.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf70:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf51:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf52:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf53:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "digital_network_architecture_center",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "1.4.0.0"
              },
              {
                "status": "affected",
                "version": "2.1.1.0"
              },
              {
                "status": "affected",
                "version": "2.1.1.3"
              },
              {
                "status": "affected",
                "version": "2.1.2.0"
              },
              {
                "status": "affected",
                "version": "2.1.2.3"
              },
              {
                "status": "affected",
                "version": "2.1.2.4"
              },
              {
                "status": "affected",
                "version": "2.1.2.5"
              },
              {
                "status": "affected",
                "version": "2.2.1.0"
              },
              {
                "status": "affected",
                "version": "2.1.2.6"
              },
              {
                "status": "affected",
                "version": "2.2.2.0"
              },
              {
                "status": "affected",
                "version": "2.2.2.1"
              },
              {
                "status": "affected",
                "version": "2.2.2.3"
              },
              {
                "status": "affected",
                "version": "2.1.2.7"
              },
              {
                "status": "affected",
                "version": "2.2.1.3"
              },
              {
                "status": "affected",
                "version": "2.2.3.0"
              },
              {
                "status": "affected",
                "version": "2.2.2.4"
              },
              {
                "status": "affected",
                "version": "2.2.2.5"
              },
              {
                "status": "affected",
                "version": "2.2.3.3"
              },
              {
                "status": "affected",
                "version": "2.2.2.7"
              },
              {
                "status": "affected",
                "version": "2.2.2.6"
              },
              {
                "status": "affected",
                "version": "2.2.2.8"
              },
              {
                "status": "affected",
                "version": "2.2.3.4"
              },
              {
                "status": "affected",
                "version": "2.1.2.8"
              },
              {
                "status": "affected",
                "version": "2.3.2.1"
              },
              {
                "status": "affected",
                "version": "2.3.2.1-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.2.1-airgap-ca"
              },
              {
                "status": "affected",
                "version": "2.2.3.5"
              },
              {
                "status": "affected",
                "version": "2.3.3.0"
              },
              {
                "status": "affected",
                "version": "2.3.3.3"
              },
              {
                "status": "affected",
                "version": "2.3.3.1-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.1"
              },
              {
                "status": "affected",
                "version": "2.3.2.3"
              },
              {
                "status": "affected",
                "version": "2.3.3.3-airgap"
              },
              {
                "status": "affected",
                "version": "2.2.3.6"
              },
              {
                "status": "affected",
                "version": "2.2.2.9"
              },
              {
                "status": "affected",
                "version": "2.3.3.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.3-airgap-ca"
              },
              {
                "status": "affected",
                "version": "2.3.3.4"
              },
              {
                "status": "affected",
                "version": "2.3.3.4-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.4-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.3.4-hf1"
              },
              {
                "status": "affected",
                "version": "2.3.4.0"
              },
              {
                "status": "affected",
                "version": "2.3.3.5"
              },
              {
                "status": "affected",
                "version": "2.3.3.5-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.4.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.4.3"
              },
              {
                "status": "affected",
                "version": "2.3.4.3-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.6"
              },
              {
                "status": "affected",
                "version": "2.3.5.0"
              },
              {
                "status": "affected",
                "version": "2.3.3.6-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.5.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.6-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.5.0-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.3.7"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.6.0"
              },
              {
                "status": "affected",
                "version": "2.3.3.6-70045-hf1"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-72328-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-72323"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-72328-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.5.3"
              },
              {
                "status": "affected",
                "version": "2.3.5.3-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.5.3-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.6.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.7.0"
              },
              {
                "status": "affected",
                "version": "2.3.7.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.7.0-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.7.0-va"
              },
              {
                "status": "affected",
                "version": "2.3.5.4"
              },
              {
                "status": "affected",
                "version": "2.3.5.4-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.5.4-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.7.3"
              },
              {
                "status": "affected",
                "version": "2.3.7.3-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.7.3-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.5.5"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.7.4"
              },
              {
                "status": "affected",
                "version": "2.3.7.4-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.7.4-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "1.0.0.0"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-70026-hf70"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-70026-hf51"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-70026-hf52"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-70026-hf53"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20350",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-27T03:55:13.779Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Digital Network Architecture Center (DNA Center)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "1.4.0.0"
            },
            {
              "status": "affected",
              "version": "2.1.1.0"
            },
            {
              "status": "affected",
              "version": "2.1.1.3"
            },
            {
              "status": "affected",
              "version": "2.1.2.0"
            },
            {
              "status": "affected",
              "version": "2.1.2.3"
            },
            {
              "status": "affected",
              "version": "2.1.2.4"
            },
            {
              "status": "affected",
              "version": "2.1.2.5"
            },
            {
              "status": "affected",
              "version": "2.2.1.0"
            },
            {
              "status": "affected",
              "version": "2.1.2.6"
            },
            {
              "status": "affected",
              "version": "2.2.2.0"
            },
            {
              "status": "affected",
              "version": "2.2.2.1"
            },
            {
              "status": "affected",
              "version": "2.2.2.3"
            },
            {
              "status": "affected",
              "version": "2.1.2.7"
            },
            {
              "status": "affected",
              "version": "2.2.1.3"
            },
            {
              "status": "affected",
              "version": "2.2.3.0"
            },
            {
              "status": "affected",
              "version": "2.2.2.4"
            },
            {
              "status": "affected",
              "version": "2.2.2.5"
            },
            {
              "status": "affected",
              "version": "2.2.3.3"
            },
            {
              "status": "affected",
              "version": "2.2.2.7"
            },
            {
              "status": "affected",
              "version": "2.2.2.6"
            },
            {
              "status": "affected",
              "version": "2.2.2.8"
            },
            {
              "status": "affected",
              "version": "2.2.3.4"
            },
            {
              "status": "affected",
              "version": "2.1.2.8"
            },
            {
              "status": "affected",
              "version": "2.3.2.1"
            },
            {
              "status": "affected",
              "version": "2.3.2.1-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.2.1-AIRGAP-CA"
            },
            {
              "status": "affected",
              "version": "2.2.3.5"
            },
            {
              "status": "affected",
              "version": "2.3.3.0"
            },
            {
              "status": "affected",
              "version": "2.3.3.3"
            },
            {
              "status": "affected",
              "version": "2.3.3.1-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.1"
            },
            {
              "status": "affected",
              "version": "2.3.2.3"
            },
            {
              "status": "affected",
              "version": "2.3.3.3-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.2.3.6"
            },
            {
              "status": "affected",
              "version": "2.2.2.9"
            },
            {
              "status": "affected",
              "version": "2.3.3.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.3-AIRGAP-CA"
            },
            {
              "status": "affected",
              "version": "2.3.3.4"
            },
            {
              "status": "affected",
              "version": "2.3.3.4-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.4-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.3.4-HF1"
            },
            {
              "status": "affected",
              "version": "2.3.4.0"
            },
            {
              "status": "affected",
              "version": "2.3.3.5"
            },
            {
              "status": "affected",
              "version": "2.3.3.5-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.4.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.4.3"
            },
            {
              "status": "affected",
              "version": "2.3.4.3-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.6"
            },
            {
              "status": "affected",
              "version": "2.3.5.0"
            },
            {
              "status": "affected",
              "version": "2.3.3.6-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.5.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.6-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.5.0-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.3.7"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.6.0"
            },
            {
              "status": "affected",
              "version": "2.3.3.6-70045-HF1"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-72328-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-72323"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-72328-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.5.3"
            },
            {
              "status": "affected",
              "version": "2.3.5.3-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.5.3-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.6.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.7.0"
            },
            {
              "status": "affected",
              "version": "2.3.7.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.7.0-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.7.0-VA"
            },
            {
              "status": "affected",
              "version": "2.3.5.4"
            },
            {
              "status": "affected",
              "version": "2.3.5.4-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.5.4-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.7.3"
            },
            {
              "status": "affected",
              "version": "2.3.7.3-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.7.3-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.5.5"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.7.4"
            },
            {
              "status": "affected",
              "version": "2.3.7.4-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.7.4-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "1.0.0.0"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-70026-HF70"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-70026-HF51"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-70026-HF52"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-70026-HF53"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.\r\n\r\nThis vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-25T16:19:15.162Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-dnac-ssh-e4uOdASj",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj"
        }
      ],
      "source": {
        "advisory": "cisco-sa-dnac-ssh-e4uOdASj",
        "defects": [
          "CSCwi40467"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Catalyst Center Static SSH Host Key Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20350",
    "datePublished": "2024-09-25T16:19:15.162Z",
    "dateReserved": "2023-11-08T15:08:07.646Z",
    "dateUpdated": "2024-09-27T03:55:13.779Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-20350\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2024-09-25T17:15:15.000\",\"lastModified\":\"2024-09-26T13:32:02.803\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.\\r\\n\\r\\nThis vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el servidor SSH de Cisco Catalyst Center, anteriormente Cisco DNA Center, podr\u00eda permitir que un atacante remoto no autenticado se haga pasar por un dispositivo Cisco Catalyst Center. Esta vulnerabilidad se debe a la presencia de una clave de host SSH est\u00e1tica. Un atacante podr\u00eda aprovechar esta vulnerabilidad realizando un ataque de tipo m\u00e1quina intermedia en las conexiones SSH, lo que podr\u00eda permitir al atacante interceptar el tr\u00e1fico entre los clientes SSH y un dispositivo Cisco Catalyst Center. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacerse pasar por el dispositivo afectado, inyectar comandos en la sesi\u00f3n de terminal y robar credenciales de usuario v\u00e1lidas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-321\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj\",\"source\":\"ykramarz@cisco.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.