CVSS 3.1 Score 8.2 of 10 (high)
Published Mar 6, 2024
Updated: Mar 7, 2024
CVE-2024-20337 is a vulnerability in the SAML authentication process of Cisco Secure Client, affecting the r58ACN product. It allows an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. The vulnerability is caused by insufficient validation of user-supplied input. An attacker could exploit it by persuading a user to click a crafted link during a VPN session; a successful exploit would allow the attacker to execute arbitrary script code in the user's browser and access sensitive information, including a valid SAML token. With that token, the attacker could establish a remote access VPN session with the privileges of the targeted user. However, additional credentials would still be required to access individual hosts and services behind the VPN headend.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-20337 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options