CVE-2024-20457
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Nov 6, 2024
CWE ID 200
Summary
CVE-2024-20457 is a logging component vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P). This issue allows authenticated, remote attackers to view sensitive information in clear text on affected systems due to the unencrypted storage of credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs and gaining unauthorized access to credentials, potentially leading to the exposure of sensitive information from the device.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Cisco Unified Communications Manager
Affected Vendors
- Cisco Systems Inc