Vulnerability-Lookup

BDU:2024-07524

Vulnerability from fstec - Published: 25.09.2024

Title

Уязвимость реализации SSH-сервера системы управления сетевой инфраструктурой Cisco Catalyst Center (ранее Cisco DNA Center), позволяющая нарушителю реализовать спуфинг-атаку

Description

Уязвимость реализации SSH-сервера системы управления сетевой инфраструктурой Cisco Catalyst Center (ранее Cisco DNA Center) связана с использованием криптографических алгоритмов шифрования с жестко запрограммированным ключом для шифрования. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, реализовать спуфинг-атаку

Severity ?


                    
                      AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Vendor

Cisco Systems Inc.

Software Name

Cisco Catalyst Center

Software Version

до 2.3.3 включительно (Cisco Catalyst Center), до 2.3.4 включительно (Cisco Catalyst Center), от 2.3.5 до 2.3.5.6 (Cisco Catalyst Center), до 2.3.6 включительно (Cisco Catalyst Center), от 2.3.7 до 2.3.7.5 (Cisco Catalyst Center)

Possible Mitigations

Установка обновлений из доверенных источников. В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков. Компенсирующие меры: - использование средств межсетевого экранирования для ограничения возможности удалённого доступа; - использование виртуальных частных сетей для организации удаленного доступа (VPN) к уязвимому программному обеспечению; - сегментирование сети для ограничения доступа к уязвимому программному обеспечению. Использование рекомендаций: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj

CWE

CWE-321

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 2.3.3 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Cisco Catalyst Center), \u0434\u043e 2.3.4 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Cisco Catalyst Center), \u043e\u0442 2.3.5 \u0434\u043e 2.3.5.6 (Cisco Catalyst Center), \u0434\u043e 2.3.6 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Cisco Catalyst Center), \u043e\u0442 2.3.7 \u0434\u043e 2.3.7.5 (Cisco Catalyst Center)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432.\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (VPN) \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e.\n\n\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "25.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "27.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "27.09.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-07524",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-20350",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco Catalyst Center",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 SSH-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 Cisco Catalyst Center (\u0440\u0430\u043d\u0435\u0435 Cisco DNA Center), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043f\u0443\u0444\u0438\u043d\u0433-\u0430\u0442\u0430\u043a\u0443",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0416\u0435\u0441\u0442\u043a\u043e\u0435 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043a\u043b\u044e\u0447\u0435\u0439 (CWE-321)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 SSH-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 Cisco Catalyst Center (\u0440\u0430\u043d\u0435\u0435 Cisco DNA Center) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u0432 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043a\u043b\u044e\u0447\u043e\u043c \u0434\u043b\u044f \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043f\u0443\u0444\u0438\u043d\u0433-\u0430\u0442\u0430\u043a\u0443",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-321",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,6)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

CVE-2024-20350 (GCVE-0-2024-20350)

Vulnerability from cvelistv5 – Published: 2024-09-25 16:19 – Updated: 2024-09-27 03:55

Title

Cisco Catalyst Center Static SSH Host Key Vulnerability

Summary

A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-321 - Use of Hard-coded Cryptographic Key

Assigner

cisco

References

URL

Tags

https://sec.cloudapps.cisco.com/security/center/c…

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Digital Network Architecture Center (DNA Center)	Affected: 1.4.0.0 Affected: 2.1.1.0 Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:cisco:digital_network_architecture_center:1.4.0.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.1.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.1.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.1.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.6:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.7:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.1.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.7:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.6:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.8:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.8:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1-airgap-ca:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.1-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.6:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.9:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3-airgap-ca:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-hf1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.5-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.3-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.6.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-70045-hf1:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72328-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72323:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72328-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.6.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-va:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4-airgap:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4-airgap-mdnac:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:1.0.0.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf70:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf51:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf52:*:*:*:*:*:*:*",
              "cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf53:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "digital_network_architecture_center",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "1.4.0.0"
              },
              {
                "status": "affected",
                "version": "2.1.1.0"
              },
              {
                "status": "affected",
                "version": "2.1.1.3"
              },
              {
                "status": "affected",
                "version": "2.1.2.0"
              },
              {
                "status": "affected",
                "version": "2.1.2.3"
              },
              {
                "status": "affected",
                "version": "2.1.2.4"
              },
              {
                "status": "affected",
                "version": "2.1.2.5"
              },
              {
                "status": "affected",
                "version": "2.2.1.0"
              },
              {
                "status": "affected",
                "version": "2.1.2.6"
              },
              {
                "status": "affected",
                "version": "2.2.2.0"
              },
              {
                "status": "affected",
                "version": "2.2.2.1"
              },
              {
                "status": "affected",
                "version": "2.2.2.3"
              },
              {
                "status": "affected",
                "version": "2.1.2.7"
              },
              {
                "status": "affected",
                "version": "2.2.1.3"
              },
              {
                "status": "affected",
                "version": "2.2.3.0"
              },
              {
                "status": "affected",
                "version": "2.2.2.4"
              },
              {
                "status": "affected",
                "version": "2.2.2.5"
              },
              {
                "status": "affected",
                "version": "2.2.3.3"
              },
              {
                "status": "affected",
                "version": "2.2.2.7"
              },
              {
                "status": "affected",
                "version": "2.2.2.6"
              },
              {
                "status": "affected",
                "version": "2.2.2.8"
              },
              {
                "status": "affected",
                "version": "2.2.3.4"
              },
              {
                "status": "affected",
                "version": "2.1.2.8"
              },
              {
                "status": "affected",
                "version": "2.3.2.1"
              },
              {
                "status": "affected",
                "version": "2.3.2.1-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.2.1-airgap-ca"
              },
              {
                "status": "affected",
                "version": "2.2.3.5"
              },
              {
                "status": "affected",
                "version": "2.3.3.0"
              },
              {
                "status": "affected",
                "version": "2.3.3.3"
              },
              {
                "status": "affected",
                "version": "2.3.3.1-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.1"
              },
              {
                "status": "affected",
                "version": "2.3.2.3"
              },
              {
                "status": "affected",
                "version": "2.3.3.3-airgap"
              },
              {
                "status": "affected",
                "version": "2.2.3.6"
              },
              {
                "status": "affected",
                "version": "2.2.2.9"
              },
              {
                "status": "affected",
                "version": "2.3.3.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.3-airgap-ca"
              },
              {
                "status": "affected",
                "version": "2.3.3.4"
              },
              {
                "status": "affected",
                "version": "2.3.3.4-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.4-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.3.4-hf1"
              },
              {
                "status": "affected",
                "version": "2.3.4.0"
              },
              {
                "status": "affected",
                "version": "2.3.3.5"
              },
              {
                "status": "affected",
                "version": "2.3.3.5-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.4.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.4.3"
              },
              {
                "status": "affected",
                "version": "2.3.4.3-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.6"
              },
              {
                "status": "affected",
                "version": "2.3.5.0"
              },
              {
                "status": "affected",
                "version": "2.3.3.6-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.5.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.6-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.5.0-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.3.7"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.6.0"
              },
              {
                "status": "affected",
                "version": "2.3.3.6-70045-hf1"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-72328-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-72323"
              },
              {
                "status": "affected",
                "version": "2.3.3.7-72328-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.5.3"
              },
              {
                "status": "affected",
                "version": "2.3.5.3-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.5.3-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.6.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.7.0"
              },
              {
                "status": "affected",
                "version": "2.3.7.0-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.7.0-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.7.0-va"
              },
              {
                "status": "affected",
                "version": "2.3.5.4"
              },
              {
                "status": "affected",
                "version": "2.3.5.4-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.5.4-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.7.3"
              },
              {
                "status": "affected",
                "version": "2.3.7.3-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.7.3-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.5.5"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "2.3.7.4"
              },
              {
                "status": "affected",
                "version": "2.3.7.4-airgap"
              },
              {
                "status": "affected",
                "version": "2.3.7.4-airgap-mdnac"
              },
              {
                "status": "affected",
                "version": "1.0.0.0"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-70026-hf70"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-70026-hf51"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-70026-hf52"
              },
              {
                "status": "affected",
                "version": "2.3.5.5-70026-hf53"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20350",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-27T03:55:13.779Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Digital Network Architecture Center (DNA Center)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "1.4.0.0"
            },
            {
              "status": "affected",
              "version": "2.1.1.0"
            },
            {
              "status": "affected",
              "version": "2.1.1.3"
            },
            {
              "status": "affected",
              "version": "2.1.2.0"
            },
            {
              "status": "affected",
              "version": "2.1.2.3"
            },
            {
              "status": "affected",
              "version": "2.1.2.4"
            },
            {
              "status": "affected",
              "version": "2.1.2.5"
            },
            {
              "status": "affected",
              "version": "2.2.1.0"
            },
            {
              "status": "affected",
              "version": "2.1.2.6"
            },
            {
              "status": "affected",
              "version": "2.2.2.0"
            },
            {
              "status": "affected",
              "version": "2.2.2.1"
            },
            {
              "status": "affected",
              "version": "2.2.2.3"
            },
            {
              "status": "affected",
              "version": "2.1.2.7"
            },
            {
              "status": "affected",
              "version": "2.2.1.3"
            },
            {
              "status": "affected",
              "version": "2.2.3.0"
            },
            {
              "status": "affected",
              "version": "2.2.2.4"
            },
            {
              "status": "affected",
              "version": "2.2.2.5"
            },
            {
              "status": "affected",
              "version": "2.2.3.3"
            },
            {
              "status": "affected",
              "version": "2.2.2.7"
            },
            {
              "status": "affected",
              "version": "2.2.2.6"
            },
            {
              "status": "affected",
              "version": "2.2.2.8"
            },
            {
              "status": "affected",
              "version": "2.2.3.4"
            },
            {
              "status": "affected",
              "version": "2.1.2.8"
            },
            {
              "status": "affected",
              "version": "2.3.2.1"
            },
            {
              "status": "affected",
              "version": "2.3.2.1-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.2.1-AIRGAP-CA"
            },
            {
              "status": "affected",
              "version": "2.2.3.5"
            },
            {
              "status": "affected",
              "version": "2.3.3.0"
            },
            {
              "status": "affected",
              "version": "2.3.3.3"
            },
            {
              "status": "affected",
              "version": "2.3.3.1-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.1"
            },
            {
              "status": "affected",
              "version": "2.3.2.3"
            },
            {
              "status": "affected",
              "version": "2.3.3.3-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.2.3.6"
            },
            {
              "status": "affected",
              "version": "2.2.2.9"
            },
            {
              "status": "affected",
              "version": "2.3.3.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.3-AIRGAP-CA"
            },
            {
              "status": "affected",
              "version": "2.3.3.4"
            },
            {
              "status": "affected",
              "version": "2.3.3.4-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.4-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.3.4-HF1"
            },
            {
              "status": "affected",
              "version": "2.3.4.0"
            },
            {
              "status": "affected",
              "version": "2.3.3.5"
            },
            {
              "status": "affected",
              "version": "2.3.3.5-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.4.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.4.3"
            },
            {
              "status": "affected",
              "version": "2.3.4.3-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.6"
            },
            {
              "status": "affected",
              "version": "2.3.5.0"
            },
            {
              "status": "affected",
              "version": "2.3.3.6-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.5.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.6-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.5.0-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.3.7"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.6.0"
            },
            {
              "status": "affected",
              "version": "2.3.3.6-70045-HF1"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-72328-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-72323"
            },
            {
              "status": "affected",
              "version": "2.3.3.7-72328-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.5.3"
            },
            {
              "status": "affected",
              "version": "2.3.5.3-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.5.3-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.6.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.7.0"
            },
            {
              "status": "affected",
              "version": "2.3.7.0-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.7.0-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.7.0-VA"
            },
            {
              "status": "affected",
              "version": "2.3.5.4"
            },
            {
              "status": "affected",
              "version": "2.3.5.4-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.5.4-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.7.3"
            },
            {
              "status": "affected",
              "version": "2.3.7.3-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.7.3-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.5.5"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "2.3.7.4"
            },
            {
              "status": "affected",
              "version": "2.3.7.4-AIRGAP"
            },
            {
              "status": "affected",
              "version": "2.3.7.4-AIRGAP-MDNAC"
            },
            {
              "status": "affected",
              "version": "1.0.0.0"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-70026-HF70"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-70026-HF51"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-70026-HF52"
            },
            {
              "status": "affected",
              "version": "2.3.5.5-70026-HF53"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.\r\n\r\nThis vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-25T16:19:15.162Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-dnac-ssh-e4uOdASj",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj"
        }
      ],
      "source": {
        "advisory": "cisco-sa-dnac-ssh-e4uOdASj",
        "defects": [
          "CSCwi40467"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Catalyst Center Static SSH Host Key Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20350",
    "datePublished": "2024-09-25T16:19:15.162Z",
    "dateReserved": "2023-11-08T15:08:07.646Z",
    "dateUpdated": "2024-09-27T03:55:13.779Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2024-07524

CVE-2024-20350 (GCVE-0-2024-20350)

Tags

Sightings

Nomenclature