CVE-2024-20381
Severity
8.8 HIGH
EPSS
1.9%
top 16.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Sep 11
Description
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device.
This vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or dev…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9
Affected Packages
6 packages
Vulnerability Details (2)
Vendor Advisories (1)
Cisco
Multiple Cisco Products Web-Based Management Interface Privilege Escalation Vulnerability (2024-09-11)