CVE-2024-20391 (GCVE-0-2024-20391)
Vulnerability from cvelistv5 – Published: 2024-05-15 17:24 – Updated: 2024-08-01 21:59
VLAI
Summary
A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM.
This vulnerability is due to a lack of authentication on a specific function. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges on an affected device.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
38 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
4.9.00086
Affected: 4.9.01095 Affected: 4.9.02028 Affected: 4.9.03047 Affected: 4.9.03049 Affected: 4.9.04043 Affected: 4.9.04053 Affected: 4.9.05042 Affected: 4.9.06037 Affected: 4.10.00093 Affected: 4.10.01075 Affected: 4.10.02086 Affected: 4.10.03104 Affected: 4.10.04065 Affected: 4.10.04071 Affected: 4.10.05085 Affected: 4.10.05095 Affected: 4.10.05111 Affected: 4.10.06079 Affected: 4.10.06090 Affected: 4.10.07061 Affected: 4.10.07062 Affected: 4.10.07073 Affected: 4.10.08025 Affected: 4.10.08029 Affected: 5.0.00238 Affected: 5.0.00529 Affected: 5.0.00556 Affected: 5.0.01242 Affected: 5.0.02075 Affected: 5.0.03072 Affected: 5.0.03076 Affected: 5.0.04032 Affected: 5.0.05040 Affected: 5.1.0.136 Affected: 5.1.1.42 Affected: 5.1.2.42 |
|
| cisco | secure_client |
Affected:
4.9.01095
cpe:2.3:a:cisco:secure_client:4.9.01095:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.9.02028
cpe:2.3:a:cisco:secure_client:4.9.02028:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.9.03047
cpe:2.3:a:cisco:secure_client:4.9.03047:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.9.03049
cpe:2.3:a:cisco:secure_client:4.9.03049:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.9.04043
cpe:2.3:a:cisco:secure_client:4.9.04043:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.9.04053
cpe:2.3:a:cisco:secure_client:4.9.04053:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.9.05042
cpe:2.3:a:cisco:secure_client:4.9.05042:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.9.06037
cpe:2.3:a:cisco:secure_client:4.9.06037:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.00093
cpe:2.3:a:cisco:secure_client:4.10.00093:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.01075
cpe:2.3:a:cisco:secure_client:4.10.01075:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.02086
cpe:2.3:a:cisco:secure_client:4.10.02086:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.03104
cpe:2.3:a:cisco:secure_client:4.10.03104:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.04065
cpe:2.3:a:cisco:secure_client:4.10.04065:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.04071
cpe:2.3:a:cisco:secure_client:4.10.04071:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.05085
cpe:2.3:a:cisco:secure_client:4.10.05085:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.05095
cpe:2.3:a:cisco:secure_client:4.10.05095:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.05111
cpe:2.3:a:cisco:secure_client:4.10.05111:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.06079
cpe:2.3:a:cisco:secure_client:4.10.06079:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.06090
cpe:2.3:a:cisco:secure_client:4.10.06090:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.07061
cpe:2.3:a:cisco:secure_client:4.10.07061:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.07062
cpe:2.3:a:cisco:secure_client:4.10.07062:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.07073
cpe:2.3:a:cisco:secure_client:4.10.07073:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.08025
cpe:2.3:a:cisco:secure_client:4.10.08025:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.10.08029
cpe:2.3:a:cisco:secure_client:4.10.08029:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.0.00238
cpe:2.3:a:cisco:secure_client:5.0.00238:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.0.00529
cpe:2.3:a:cisco:secure_client:5.0.00529:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.0.00556
cpe:2.3:a:cisco:secure_client:5.0.00556:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.0.01242
cpe:2.3:a:cisco:secure_client:5.0.01242:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.0.02075
cpe:2.3:a:cisco:secure_client:5.0.02075:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.0.03072
cpe:2.3:a:cisco:secure_client:5.0.03072:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.0.03076
cpe:2.3:a:cisco:secure_client:5.0.03076:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.0.04032
cpe:2.3:a:cisco:secure_client:5.0.04032:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.0.05040
cpe:2.3:a:cisco:secure_client:5.0.05040:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
4.9.00086
cpe:2.3:a:cisco:secure_client:4.9.00086:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.1.0.136
cpe:2.3:a:cisco:secure_client:5.1.0.136:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.1.1.42
cpe:2.3:a:cisco:secure_client:5.1.1.42:*:*:*:*:*:*:* |
|
| cisco | secure_client |
Affected:
5.1.2.42
cpe:2.3:a:cisco:secure_client:5.1.2.42:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.9.01095:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.9.01095"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.9.02028:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.9.02028"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.9.03047:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.9.03047"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.9.03049:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.9.03049"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.9.04043:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.9.04043"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.9.04053:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.9.04053"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.9.05042:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.9.05042"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.9.06037:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.9.06037"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.00093:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.00093"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.01075:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.01075"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.02086:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.02086"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.03104:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.03104"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.04065:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.04065"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.04071:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.04071"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.05085:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.05085"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.05095:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.05095"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.05111:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.05111"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.06079:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.06079"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.06090:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.06090"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.07061:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.07061"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.07062:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.07062"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.07073:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.07073"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.08025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.08025"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.10.08029:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.10.08029"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.0.00238:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.0.00238"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.0.00529:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.0.00529"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.0.00556:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.0.00556"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.0.01242:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.0.01242"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.0.02075:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.0.02075"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.0.03072:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.0.03072"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.0.03076:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.0.03076"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.0.04032:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.0.04032"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.0.05040:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.0.05040"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:4.9.00086:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.1.0.136:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.1.0.136"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.1.1.42:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.1.1.42"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:secure_client:5.1.2.42:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secure_client",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.1.2.42"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T18:58:26.955767Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:05.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-secure-nam-priv-esc-szu2vYpZ",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
},
{
"status": "affected",
"version": "4.9.01095"
},
{
"status": "affected",
"version": "4.9.02028"
},
{
"status": "affected",
"version": "4.9.03047"
},
{
"status": "affected",
"version": "4.9.03049"
},
{
"status": "affected",
"version": "4.9.04043"
},
{
"status": "affected",
"version": "4.9.04053"
},
{
"status": "affected",
"version": "4.9.05042"
},
{
"status": "affected",
"version": "4.9.06037"
},
{
"status": "affected",
"version": "4.10.00093"
},
{
"status": "affected",
"version": "4.10.01075"
},
{
"status": "affected",
"version": "4.10.02086"
},
{
"status": "affected",
"version": "4.10.03104"
},
{
"status": "affected",
"version": "4.10.04065"
},
{
"status": "affected",
"version": "4.10.04071"
},
{
"status": "affected",
"version": "4.10.05085"
},
{
"status": "affected",
"version": "4.10.05095"
},
{
"status": "affected",
"version": "4.10.05111"
},
{
"status": "affected",
"version": "4.10.06079"
},
{
"status": "affected",
"version": "4.10.06090"
},
{
"status": "affected",
"version": "4.10.07061"
},
{
"status": "affected",
"version": "4.10.07062"
},
{
"status": "affected",
"version": "4.10.07073"
},
{
"status": "affected",
"version": "4.10.08025"
},
{
"status": "affected",
"version": "4.10.08029"
},
{
"status": "affected",
"version": "5.0.00238"
},
{
"status": "affected",
"version": "5.0.00529"
},
{
"status": "affected",
"version": "5.0.00556"
},
{
"status": "affected",
"version": "5.0.01242"
},
{
"status": "affected",
"version": "5.0.02075"
},
{
"status": "affected",
"version": "5.0.03072"
},
{
"status": "affected",
"version": "5.0.03076"
},
{
"status": "affected",
"version": "5.0.04032"
},
{
"status": "affected",
"version": "5.0.05040"
},
{
"status": "affected",
"version": "5.1.0.136"
},
{
"status": "affected",
"version": "5.1.1.42"
},
{
"status": "affected",
"version": "5.1.2.42"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM.\r\n\r This vulnerability is due to a lack of authentication on a specific function. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T17:24:34.138Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-secure-nam-priv-esc-szu2vYpZ",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ"
}
],
"source": {
"advisory": "cisco-sa-secure-nam-priv-esc-szu2vYpZ",
"defects": [
"CSCwj48522"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20391",
"datePublished": "2024-05-15T17:24:34.138Z",
"dateReserved": "2023-11-08T15:08:07.659Z",
"dateUpdated": "2024-08-01T21:59:42.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-20391",
"date": "2026-06-10",
"epss": "0.00355",
"percentile": "0.58189"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM.\\r\\n\\r This vulnerability is due to a lack of authentication on a specific function. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges on an affected device.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en el m\\u00f3dulo Network Access Manager (NAM) de Cisco Secure Client podr\\u00eda permitir que un atacante no autenticado con acceso f\\u00edsico a un dispositivo afectado eleve privilegios al SYSTEM. Esta vulnerabilidad se debe a la falta de autenticaci\\u00f3n en una funci\\u00f3n espec\\u00edfica. Un exploit exitoso podr\\u00eda permitir al atacante ejecutar c\\u00f3digo arbitrario con privilegios de SYSTEM en un dispositivo afectado.\"}]",
"id": "CVE-2024-20391",
"lastModified": "2024-11-21T08:52:31.933",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 5.9}]}",
"published": "2024-05-15T18:15:10.153",
"references": "[{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-20391\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2024-05-15T18:15:10.153\",\"lastModified\":\"2025-07-22T18:02:45.250\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM.\\r\\n\\r This vulnerability is due to a lack of authentication on a specific function. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges on an affected device.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el m\u00f3dulo Network Access Manager (NAM) de Cisco Secure Client podr\u00eda permitir que un atacante no autenticado con acceso f\u00edsico a un dispositivo afectado eleve privilegios al SYSTEM. Esta vulnerabilidad se debe a la falta de autenticaci\u00f3n en una funci\u00f3n espec\u00edfica. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con privilegios de SYSTEM en un dispositivo afectado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.1.3.62\",\"matchCriteriaId\":\"4FF362C4-2803-4CF9-83BE-34722F69E3E0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ\", \"name\": \"cisco-sa-secure-nam-priv-esc-szu2vYpZ\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T21:59:42.903Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-20391\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-15T18:58:26.955767Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.9.01095:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.01095\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.9.02028:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.02028\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.9.03047:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.03047\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.9.03049:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.03049\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.9.04043:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.04043\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.9.04053:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.04053\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.9.05042:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.05042\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.9.06037:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.06037\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.00093:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.00093\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.01075:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.01075\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.02086:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.02086\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.03104:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.03104\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.04065:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.04065\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.04071:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.04071\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.05085:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.05085\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.05095:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.05095\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.05111:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.05111\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.06079:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.06079\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.06090:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.06090\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.07061:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.07061\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.07062:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.07062\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.07073:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.07073\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.08025:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.08025\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.10.08029:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10.08029\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.0.00238:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.00238\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.0.00529:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.00529\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.0.00556:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.00556\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.0.01242:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.01242\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.0.02075:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.02075\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.0.03072:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.03072\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.0.03076:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.03076\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.0.04032:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.04032\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.0.05040:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.05040\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:4.9.00086:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.00086\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.1.0.136:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.1.0.136\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.1.1.42:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.1.1.42\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:cisco:secure_client:5.1.2.42:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"secure_client\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.1.2.42\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-15T19:02:43.350Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"source\": {\"defects\": [\"CSCwj48522\"], \"advisory\": \"cisco-sa-secure-nam-priv-esc-szu2vYpZ\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.8, \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Client\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.9.00086\"}, {\"status\": \"affected\", \"version\": \"4.9.01095\"}, {\"status\": \"affected\", \"version\": \"4.9.02028\"}, {\"status\": \"affected\", \"version\": \"4.9.03047\"}, {\"status\": \"affected\", \"version\": \"4.9.03049\"}, {\"status\": \"affected\", \"version\": \"4.9.04043\"}, {\"status\": \"affected\", \"version\": \"4.9.04053\"}, {\"status\": \"affected\", \"version\": \"4.9.05042\"}, {\"status\": \"affected\", \"version\": \"4.9.06037\"}, {\"status\": \"affected\", \"version\": \"4.10.00093\"}, {\"status\": \"affected\", \"version\": \"4.10.01075\"}, {\"status\": \"affected\", \"version\": \"4.10.02086\"}, {\"status\": \"affected\", \"version\": \"4.10.03104\"}, {\"status\": \"affected\", \"version\": \"4.10.04065\"}, {\"status\": \"affected\", \"version\": \"4.10.04071\"}, {\"status\": \"affected\", \"version\": \"4.10.05085\"}, {\"status\": \"affected\", \"version\": \"4.10.05095\"}, {\"status\": \"affected\", \"version\": \"4.10.05111\"}, {\"status\": \"affected\", \"version\": \"4.10.06079\"}, {\"status\": \"affected\", \"version\": \"4.10.06090\"}, {\"status\": \"affected\", \"version\": \"4.10.07061\"}, {\"status\": \"affected\", \"version\": \"4.10.07062\"}, {\"status\": \"affected\", \"version\": \"4.10.07073\"}, {\"status\": \"affected\", \"version\": \"4.10.08025\"}, {\"status\": \"affected\", \"version\": \"4.10.08029\"}, {\"status\": \"affected\", \"version\": \"5.0.00238\"}, {\"status\": \"affected\", \"version\": \"5.0.00529\"}, {\"status\": \"affected\", \"version\": \"5.0.00556\"}, {\"status\": \"affected\", \"version\": \"5.0.01242\"}, {\"status\": \"affected\", \"version\": \"5.0.02075\"}, {\"status\": \"affected\", \"version\": \"5.0.03072\"}, {\"status\": \"affected\", \"version\": \"5.0.03076\"}, {\"status\": \"affected\", \"version\": \"5.0.04032\"}, {\"status\": \"affected\", \"version\": \"5.0.05040\"}, {\"status\": \"affected\", \"version\": \"5.1.0.136\"}, {\"status\": \"affected\", \"version\": \"5.1.1.42\"}, {\"status\": \"affected\", \"version\": \"5.1.2.42\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ\", \"name\": \"cisco-sa-secure-nam-priv-esc-szu2vYpZ\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM.\\r\\n\\r This vulnerability is due to a lack of authentication on a specific function. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges on an affected device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-306\", \"description\": \"Missing Authentication for Critical Function\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2024-05-15T17:24:34.138Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-20391\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T21:59:42.903Z\", \"dateReserved\": \"2023-11-08T15:08:07.659Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2024-05-15T17:24:34.138Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…