CVE-2024-20419
Published: 17 July 2024
Summary
CVE-2024-20419 is a critical-severity Unverified Password Change (CWE-620) vulnerability in Cisco Smart Software Manager On-Prem. Its CVSS base score is 10.0 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 0.3% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
Deeper analysis
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) stems from improper implementation of the password-change process. This flaw enables an unauthenticated remote attacker to alter the password of any user account, including administrative ones, by sending crafted HTTP requests to an affected device. The issue carries a CVSS score of 10.0 and is tracked under CWE-620.
An attacker who successfully exploits the vulnerability can obtain access to the web UI or API with the privileges of the compromised account. The EPSS score is 0.9147, which is also its peak value to date. The primary advisory reference is the Cisco security bulletin at sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-18134
Vulnerability details
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user.
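To illustrate the weakness class the advisory assigns (CWE-620, Unverified Password Change), here is an added example that is not taken from the page and is not Cisco SSM On-Prem code: a minimal password-change handler in its unverified form beside a hardened form that takes the identity from the server-side session and demands the current password. The store layout, request fields and function names are assumptions made for the illustration.

```python
# Illustrative model of CWE-620 (Unverified Password Change). Added example;
# not Cisco code. The request shape, store and names are assumptions.
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional


@dataclass
class Account:
    salt: bytes
    pw_hash: bytes


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_account(password: str) -> Account:
    salt = secrets.token_bytes(16)
    return Account(salt, _hash(password, salt))


def verify(acct: Account, password: str) -> bool:
    # Constant-time comparison of the stored and recomputed hashes.
    return hmac.compare_digest(acct.pw_hash, _hash(password, acct.salt))


# Weak pattern: the target username is trusted from the request body, no
# session is required and the current password is never checked, so any
# unauthenticated caller can set a new password on any account.
def change_password_unverified(store: dict, req: dict) -> bool:
    if req.get("username") not in store:
        return False
    store[req["username"]] = make_account(req["new_password"])
    return True


# Hardened pattern: identity comes from the server-side session, the caller
# must prove knowledge of the current password, and only the caller's own
# account can be changed (administrative resets would go through a separate,
# explicitly authorized path).
def change_password_verified(store: dict, session: Optional[dict], req: dict) -> bool:
    if not session or "user" not in session:
        return False  # unauthenticated request: reject outright
    user = session["user"]
    acct = store.get(user)
    if acct is None or not verify(acct, req.get("current_password", "")):
        return False  # missing or wrong current password
    new = req.get("new_password", "")
    if len(new) < 12:
        return False  # illustrative minimum-length policy
    store[user] = make_account(new)
    return True
```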
- CWE(s): CWE-620 (Unverified Password Change)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is reachable through a public-facing web UI/API by way of crafted HTTP requests (T1190); it allows unauthenticated manipulation of any account, including administrative ones, by changing its password (T1098); and the result is privilege escalation (T1068).
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.