cbcvebase.
CVE-2024-20345
published 2024-03-06

CVE-2024-20345: A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal…

PriorityP179medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
2.15%
79.9th percentile
A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.

Affected

39 ranges· showing 25
VendorProductVersion rangeFixed in
ciscoappdynamics_controller< 23.4.023.4.0
ciscoappdynamics_controller_path
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics
ciscocisco_appdynamics

Detection & IOCsextracted from sources · hover to see the quote

  • Exploit vector targets the file upload functionality of Cisco AppDynamics Controller via a crafted HTTP request containing directory traversal sequences; monitor for path traversal patterns (e.g., '../') in file upload requests to the AppDynamics Controller.
  • The vulnerability is specifically in the file upload functionality; focus detection on multipart/form-data or file upload endpoints of the AppDynamics Controller for anomalous path components.
  • Root cause is insufficient validation of user-supplied input (CWE-26); inspect input sanitization on file name/path parameters in upload requests for unfiltered traversal sequences.
  • ·Exploitation requires authentication; unauthenticated access alone is insufficient to trigger this vulnerability.
  • ·No workarounds are available; remediation requires applying the vendor-released software updates for Cisco AppDynamics Controller.
  • ·Tracked under Cisco Bug ID CSCwh18934; use this identifier when cross-referencing vendor advisories or patch management systems.

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vulncheck6.5MEDIUM
vendor_cisco6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.