CVE-2024-20345
published 2024-03-06CVE-2024-20345: A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal…
PriorityP179medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
2.15%
79.9th percentile
A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.
Affected
39 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | appdynamics_controller | < 23.4.0 | 23.4.0 |
| cisco | appdynamics_controller_path | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
| cisco | cisco_appdynamics | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Exploit vector targets the file upload functionality of Cisco AppDynamics Controller via a crafted HTTP request containing directory traversal sequences; monitor for path traversal patterns (e.g., '../') in file upload requests to the AppDynamics Controller. ↗
- →The vulnerability is specifically in the file upload functionality; focus detection on multipart/form-data or file upload endpoints of the AppDynamics Controller for anomalous path components. ↗
- →Root cause is insufficient validation of user-supplied input (CWE-26); inspect input sanitization on file name/path parameters in upload requests for unfiltered traversal sequences. ↗
- ·Exploitation requires authentication; unauthenticated access alone is insufficient to trigger this vulnerability. ↗
- ·No workarounds are available; remediation requires applying the vendor-released software updates for Cisco AppDynamics Controller. ↗
- ·Tracked under Cisco Bug ID CSCwh18934; use this identifier when cross-referencing vendor advisories or patch management systems. ↗
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vulncheck6.5MEDIUM
vendor_cisco6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-52jg-m3rm-ch68: A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory tr
ghsa_unreviewed·2024-03-06
CVE-2024-20345 [MEDIUM] CWE-22 GHSA-52jg-m3rm-ch68: A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory tr
A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.
VulnCheck
Cisco AppDynamics Controller Directory Traversal Vulnerability
vulncheck·2024·CVSS 6.5
CVE-2024-20345 [MEDIUM] Cisco AppDynamics Controller Directory Traversal Vulnerability
Cisco AppDynamics Controller Directory Traversal Vulnerability
A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.
Affected: Cisco AppDynamics Controller
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.tenable.com/blog/cybersecurity-snapshot-new-
Cisco
Cisco AppDynamics Controller Path Traversal Vulnerability
vendor_cisco·2024-03-06·CVSS 6.5
CVE-2024-20345 [MEDIUM] CWE-26 Cisco AppDynamics Controller Path Traversal Vulnerability
Cisco AppDynamics Controller Path Traversal Vulnerability
A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.
Cisco AppDynamics has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-tr
Cisco
Cisco AppDynamics Controller Path Traversal Vulnerability
vendor_cisco·CVSS 3.1
CVE-2024-20345 Cisco AppDynamics Controller Path Traversal Vulnerability
CVE-2024-20345: Cisco AppDynamics Controller Path Traversal Vulnerability
A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device. Cisco AppDynamics has released software updates that address this vulnerability. There are no
CVSS: 3.1
CWE: CWE-26, CWE-26
Bug IDs: CSCwh18934
No detection rules found.
No public exploits indexed.
2024-03-06
Published
Exploited in the wild