CVE-2024-20326
Published 2024-05-16
CVE-2024-20326: A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read…
Priority P348 · high · 7.8 · CVSS 3.1
AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.34% (26.1th percentile)
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.
This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.
Affected
210 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_confd | — | — |
CVSS provenance
nvd · v3.1 · 7.8 · HIGH · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_cisco · 7.8 · HIGH
Cisco
Cisco Crosswork Network Services Orchestrator Vulnerabilities
vendor_cisco·2024-05-15·CVSS 7.8
CVE-2024-20326 [HIGH] CWE-266 Cisco Crosswork Network Services Orchestrator Vulnerabilities
Multiple vulnerabilities in the Cisco Crosswork Network Services Orchestrator (NSO) CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root or elevate privileges to root on the underlying operating system.
For more information about these vulnerabilities, see the Details section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f
Cisco
ConfD CLI Privilege Escalation and Arbitrary File Read and Write Vulnerabilities
vendor_cisco·2024-05-15·CVSS 7.8
CVE-2024-20326 [HIGH] CWE-266 ConfD CLI Privilege Escalation and Arbitrary File Read and Write Vulnerabilities
Multiple vulnerabilities in the ConfD CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root or elevate privileges to root on the underlying operating system.
For more information about these vulnerabilities, see the Details section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8
Cisco
ConfD CLI Privilege Escalation and Arbitrary File Read and Write Vulnerabilities
vendor_cisco·CVSS 3.1
CVE-2024-20326 ConfD CLI Privilege Escalation and Arbitrary File Read and Write Vulnerabilities
CVE-2024-20326: ConfD CLI Privilege Escalation and Arbitrary File Read and Write Vulnerabilities
Multiple vulnerabilities in the ConfD CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root or elevate privileges to root on the underlying operating system. For more information about these vulnerabilities, see the
CVSS: 3.1
CWE: CWE-266, CWE-78
Bug IDs: CSCwj67262, CSCwj72783
GHSA
GHSA-xfg4-45f5-2g88: A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacke
ghsa_unreviewed·2024-05-16
CVE-2024-20326 [HIGH] CWE-77 GHSA-xfg4-45f5-2g88: A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacke
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.
This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f
Published: 2024-05-16