{"vulnerability": "CVE-2024-20537", "sightings": [{"uuid": "c5d4a4a9-387a-465f-9b5e-e6459bc9937b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20537", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.053901Z"}, {"uuid": "af2e5c26-3882-4490-b67f-b9ca1bc243cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20537", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.507254Z"}, {"uuid": "63a5e608-87d7-42f3-915b-85e605de3881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20537", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.778583Z"}, {"uuid": "ee9b2baf-25bb-41be-8649-0a1dc56d8f06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20537", "type": "seen", "source": "https://t.me/cvedetector/10018", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20537 - Cisco ISE \"Authorization Bypass\" Remote Authentication Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20537 \nPublished : Nov. 6, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions.  \n  \nThis vulnerability is due to a lack of server-side validation of Administrator permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to conduct administrative functions beyond their intended access level. To exploit this vulnerability, an attacker would need Read-Only Administrator credentials. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-06T19:10:37.000000Z"}]}