CVE-2024-20373

{"id": "CVE-2024-20373", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-11-15T15:15:06.823", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-uwBXfqww", "source": "ykramarz@cisco.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. \r\n\r\nThis vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials.\r\nSNMP with IPv6 ACL configurations is not affected.\r\nFor more information, see the section of this advisory."}, {"lang": "es", "value": "Una vulnerabilidad en la implementaci\u00f3n de la caracter\u00edstica de lista de control de acceso (ACL) IPv4 del Protocolo simple de administraci\u00f3n de redes (SNMP) de Cisco IOS Software y Cisco IOS XE Software podr\u00eda permitir que un atacante remoto no autenticado realice un sondeo SNMP de un dispositivo afectado, incluso si est\u00e1 configurado para denegar el tr\u00e1fico SNMP. Esta vulnerabilidad existe porque Cisco IOS Software y Cisco IOS XE Software no admiten ACL IPv4 extendidas para SNMP, pero s\u00ed permiten a los administradores configurar ACL IPv4 con nombre extendidas que se adjuntan a la configuraci\u00f3n del servidor SNMP sin un mensaje de advertencia. Esto puede provocar que no se aplique ninguna ACL al proceso de escucha SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad realizando un sondeo SNMP de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante realizar operaciones SNMP que deber\u00edan denegarse. El atacante no tiene control sobre la configuraci\u00f3n de la ACL de SNMP y a\u00fan necesitar\u00eda una cadena de comunidad de SNMP versi\u00f3n 2c (SNMPv2c) v\u00e1lida o credenciales de usuario de SNMP versi\u00f3n 3 (SNMPv3). SNMP con configuraciones de ACL de IPv6 no se ve afectado. Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n de este aviso."}], "lastModified": "2024-11-18T17:11:56.587", "sourceIdentifier": "ykramarz@cisco.com"}