A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential.
This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application.
References
Link | Resource |
---|---|
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw | Vendor Advisory |
Configurations
History
13 Sep 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco smart License Utility
Cisco |
|
CWE | CWE-798 | |
CPE | cpe:2.3:a:cisco:smart_license_utility:*:*:*:*:*:*:*:* | |
References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw - Vendor Advisory |
05 Sep 2024, 12:53
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Sep 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-04 17:15
Updated : 2024-09-13 19:35
NVD link : CVE-2024-20439
Mitre link : CVE-2024-20439
CVE.ORG link : CVE-2024-20439
JSON object : View
Products Affected
cisco
- smart_license_utility