CVE-2024-20399

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Jul 1, 2024
Updated: Aug 14, 2024
CWE ID 78

Summary

CVE-2024-20399 is a vulnerability affecting the CLI of Cisco NX-OS Software. This issue allows authenticated, local attackers to execute arbitrary commands as root on the underlying operating system of an affected device. The root cause is insufficient validation of arguments in specific configuration CLI commands. An attacker can exploit this by providing crafted input as an argument, potentially gaining root-level access and control over the device. To exploit this vulnerability, an attacker needs Administrator credentials.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Cisco NX-OS

Affected Vendors

  • Cisco Systems Inc

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-20399 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions