cve-2024-20383
Vulnerability from cvelistv5
Published
2024-05-15 17:59
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Crosswork NSO CLI and the ConfD CLI could allow an authenticated, low-privileged, local attacker to elevate privileges to root on the underlying operating system.
The vulnerability is due to an incorrect privilege assignment when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Secure Email and Web Manager |
Version: 9.0.0-087 Version: 11.0.0-115 Version: 11.0.1-161 Version: 11.5.1-105 Version: 12.0.0-452 Version: 12.0.1-011 Version: 12.5.0-636 Version: 12.5.0-658 Version: 12.5.0-678 Version: 12.5.0-670 Version: 13.0.0-277 Version: 13.6.2-078 Version: 13.8.1-068 Version: 13.8.1-074 Version: 13.8.1-108 Version: 12.8.1-002 Version: 12.8.1-021 Version: 14.0.0-404 Version: 14.1.0-223 Version: 14.1.0-227 Version: 14.2.0-212 Version: 14.2.0-224 Version: 14.2.1-020 Version: 14.3.0-120 Version: 15.0.0-334 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20383", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-16T18:50:56.053580Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:40:43.042Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:59:42.314Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "9.0.0-087" }, { "status": "affected", "version": "11.0.0-115" }, { "status": "affected", "version": "11.0.1-161" }, { "status": "affected", "version": "11.5.1-105" }, { "status": "affected", "version": "12.0.0-452" }, { "status": "affected", "version": "12.0.1-011" }, { "status": "affected", "version": "12.5.0-636" }, { "status": "affected", "version": "12.5.0-658" }, { "status": "affected", "version": "12.5.0-678" }, { "status": "affected", "version": "12.5.0-670" }, { "status": "affected", "version": "13.0.0-277" }, { "status": "affected", "version": "13.6.2-078" }, { "status": "affected", "version": "13.8.1-068" }, { "status": "affected", "version": "13.8.1-074" }, { "status": "affected", "version": "13.8.1-108" }, { "status": "affected", "version": "12.8.1-002" }, { "status": "affected", "version": "12.8.1-021" }, { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" }, { "status": "affected", "version": "14.2.0-212" }, { "status": "affected", "version": "14.2.0-224" }, { "status": "affected", "version": "14.2.1-020" }, { "status": "affected", "version": "14.3.0-120" }, { "status": "affected", "version": "15.0.0-334" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco Crosswork NSO CLI and the ConfD CLI could allow an authenticated, low-privileged, local attacker to elevate privileges to root on the underlying operating system.\r\n\r The vulnerability is due to an incorrect privilege assignment when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-15T18:13:46.829Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD" } ], "source": { "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "defects": [ "CSCwi59618" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20383", "datePublished": "2024-05-15T17:59:49.921Z", "dateReserved": "2023-11-08T15:08:07.658Z", "dateUpdated": "2024-08-01T21:59:42.314Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-20383\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2024-05-15T18:15:09.910\",\"lastModified\":\"2024-11-21T08:52:30.840\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Cisco Crosswork NSO CLI and the ConfD CLI could allow an authenticated, low-privileged, local attacker to elevate privileges to root on the underlying operating system.\\r\\n\\r The vulnerability is due to an incorrect privilege assignment when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la CLI de Cisco Crosswork NSO y la CLI de ConfD podr\u00eda permitir que un atacante local autenticado y con pocos privilegios eleve los privilegios a root en el sistema operativo subyacente. La vulnerabilidad se debe a una asignaci\u00f3n de privilegios incorrecta cuando se utilizan comandos CLI espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad ejecutando un comando CLI afectado. Un exploit exitoso podr\u00eda permitir al atacante elevar los privilegios a root en el sistema operativo subyacente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.