FKIE_CVE-2024-20326
Vulnerability from fkie_nvd - Published: 2024-05-16 14:15 - Updated: 2026-06-17 07:06
Severity
Summary
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.
This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.
References
Impacted products
{
"affected": [
{
"affectedData": [
{
"product": "Cisco ConfD",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "7.3.5.2"
},
{
"status": "affected",
"version": "7.3.5.1"
},
{
"status": "affected",
"version": "7.3.6"
},
{
"status": "affected",
"version": "7.4.5.3"
},
{
"status": "affected",
"version": "7.4.5.2"
},
{
"status": "affected",
"version": "7.4.6"
},
{
"status": "affected",
"version": "7.4.5.1"
},
{
"status": "affected",
"version": "7.4.8"
},
{
"status": "affected",
"version": "7.4.5"
},
{
"status": "affected",
"version": "7.4.7"
},
{
"status": "affected",
"version": "7.5.10"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "7.5.3.2"
},
{
"status": "affected",
"version": "7.5.3.1"
},
{
"status": "affected",
"version": "7.5.4.2"
},
{
"status": "affected",
"version": "7.5.4.1"
},
{
"status": "affected",
"version": "7.5.6.2"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "7.5.8"
},
{
"status": "affected",
"version": "7.5.9"
},
{
"status": "affected",
"version": "7.5.6"
},
{
"status": "affected",
"version": "7.5.4.3"
},
{
"status": "affected",
"version": "7.5.6.1"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.5.5.1"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.6.12"
},
{
"status": "affected",
"version": "7.6.11"
},
{
"status": "affected",
"version": "7.6.9"
},
{
"status": "affected",
"version": "7.6.5"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.6.14.1"
},
{
"status": "affected",
"version": "7.6.8.1"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.6.4"
},
{
"status": "affected",
"version": "7.6.8"
},
{
"status": "affected",
"version": "7.6.7"
},
{
"status": "affected",
"version": "7.6.10"
},
{
"status": "affected",
"version": "7.6.3"
},
{
"status": "affected",
"version": "7.6.13"
},
{
"status": "affected",
"version": "7.6.14"
},
{
"status": "affected",
"version": "7.6.6"
},
{
"status": "affected",
"version": "7.7.7"
},
{
"status": "affected",
"version": "7.7.13"
},
{
"status": "affected",
"version": "7.7.4"
},
{
"status": "affected",
"version": "7.7.8"
},
{
"status": "affected",
"version": "7.7.9"
},
{
"status": "affected",
"version": "7.7.12"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "7.7.5"
},
{
"status": "affected",
"version": "7.7.5.1"
},
{
"status": "affected",
"version": "7.7.6"
},
{
"status": "affected",
"version": "7.7.10"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.7.3"
},
{
"status": "affected",
"version": "7.7.11"
},
{
"status": "affected",
"version": "7.8.8"
},
{
"status": "affected",
"version": "7.8.4"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.8.7"
},
{
"status": "affected",
"version": "7.8.9"
},
{
"status": "affected",
"version": "7.8.11"
},
{
"status": "affected",
"version": "7.8.5"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.8.3"
},
{
"status": "affected",
"version": "7.8.6"
},
{
"status": "affected",
"version": "7.8.10"
},
{
"status": "affected",
"version": "8.0.4"
},
{
"status": "affected",
"version": "8.0.8"
},
{
"status": "affected",
"version": "8.0.5"
},
{
"status": "affected",
"version": "8.0.7"
},
{
"status": "affected",
"version": "8.0.2"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.3"
},
{
"status": "affected",
"version": "8.0.6"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.1.2"
},
{
"status": "affected",
"version": "8.1.4"
},
{
"status": "affected",
"version": "8.1.1"
},
{
"status": "affected",
"version": "8.1.3"
}
]
},
{
"product": "Cisco ConfD Basic",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.6"
},
{
"status": "affected",
"version": "8.0.4"
},
{
"status": "affected",
"version": "8.0.2"
},
{
"status": "affected",
"version": "8.0.3"
},
{
"status": "affected",
"version": "8.0.5"
},
{
"status": "affected",
"version": "8.0.10"
},
{
"status": "affected",
"version": "8.0.11"
},
{
"status": "affected",
"version": "8.0.7"
},
{
"status": "affected",
"version": "8.0.8"
},
{
"status": "affected",
"version": "8.0.9"
},
{
"status": "affected",
"version": "7.8.3"
},
{
"status": "affected",
"version": "8.0"
}
]
},
{
"product": "Cisco Network Services Orchestrator",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"source": "psirt@cisco.com"
},
{
"affectedData": [
{
"cpes": [
"cpe:2.3:a:cisco:confd:7.5.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"lessThan": "7.5.10.2",
"status": "affected",
"version": "7.5.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:confd:7.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"lessThan": "7.6.14.2",
"status": "affected",
"version": "7.6",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:confd:7.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"lessThan": "7.7.15",
"status": "affected",
"version": "7.7",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:confd:7.8:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"lessThan": "7.8.13.1",
"status": "affected",
"version": "7.8",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:confd:8.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"lessThan": "8.0.12",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:confd:7.1.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "7.1.7"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:confd:7.2.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "7.2.7"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:confd:7.3.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "7.3.7"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:confd:7.4.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "7.4.7"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:5.1.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.1.7"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:5.2.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.2.7"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:5.3.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.3.5"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:5.4.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.4.5"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:5.5.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"lessThan": "5.5.10.1",
"status": "affected",
"version": "5.5.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:5.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"lessThan": "5.6.14.3",
"status": "affected",
"version": "5.6",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:5.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"lessThan": " \t5.7.15",
"status": "affected",
"version": "5.7",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:5.8:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"lessThan": " \t5.8.13.1",
"status": "affected",
"version": "5.8",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"lessThan": "6.0.12",
"status": "affected",
"version": "6.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:6.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"lessThan": "6.1.7",
"status": "affected",
"version": "6.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:6.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"lessThan": "6.2.2",
"status": "affected",
"version": "6.2",
"versionType": "custom"
}
]
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:confd_basic:7.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8BAFEB0D-15E8-4ED5-AA2F-FCFF784462DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:7.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3573A37A-D137-4B9A-8302-0D0562AB5784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFDCDF0C-B190-4570-AE4A-4F2DD1A52F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "48CC77F0-2188-467C-82F2-A3E77350A650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "109545B7-86B5-4B56-A361-AF08EF0E15A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59ED080F-7BAC-453C-84DC-7945E988F912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC92BEB7-7EFF-4A8F-ACB8-8A33A2BC68E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A712A2EC-DD0E-40D3-A757-F3CB40C056BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7F5A5E-A3BB-479B-8D00-9181BE6DB324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "79CDABDB-73AB-46FB-B54B-EC8092312799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "567988DF-F202-4832-A50A-AA9EF478DC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F71011A4-69D3-4024-B197-17546BDFC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4C3E38FB-A91D-4950-A478-8774F7104C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:8.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9B602FC1-4CEE-4D36-B54D-4720E5148351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "955FAB89-5884-49B8-844F-8F793F94533A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BB8262B-91D8-4D5D-99FE-442747683608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE14C54F-030F-433B-8D18-493FFAFD2615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "15789D7E-1DD2-40EF-AAF1-9A249E5A1EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78F83248-56C2-450B-85B0-8F3D7927A0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E6CD2D-04B5-4416-816F-34E75334D28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "87DD6DEF-3DD8-46CC-BBDA-B1CB02EA863E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6462F420-CDD3-4CCB-ADDA-9D4C637C62A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E674A274-04C7-45D3-A03C-6D6D47D9B6EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "30FB9787-2D1F-4385-86CF-0F634525F6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EE4A-AD51-4F8B-BD6C-6AB9C7D5CA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E9B1FC-1F97-44A7-BF73-CCD4E1BA813B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3595108-C8C9-46AE-9191-CCC4E30524BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A42C6434-1760-45E9-821F-B10F2363EBC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC546A-3F75-45A1-9A4F-AA88366460A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53814C24-83B0-4C9D-A344-8C42A2C76A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71FCE4AC-EAE7-4231-A249-7090E249AC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7232B7D0-C34C-4045-B683-69D3815E74C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "43110F62-AD93-4F23-944E-17279A5A805B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B9959AF-36DC-48A1-9439-C2962DDA47F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7FB0439B-DE71-4118-AF1F-687024718654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B23A29A4-663E-49AE-9A27-9BA9DF90DC00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74F51011-A9D2-4D62-A9A2-42718A3E1E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA83B18-264D-4418-AE3B-485FEA777A7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE45D50-68A8-4E1B-8285-153AB0B6B1C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "88928CAC-6177-4255-BF79-011853775223",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7514B52B-47BC-4349-825A-752234D8AAF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B771559D-BEE1-44FB-87EB-5D80BE58966A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1062A5FF-D0BB-42F3-89C0-AC530DD219D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A15F9A59-951D-468E-94F5-BE676563AAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "16A887CB-BBEC-473F-8ABB-7E62061A7BE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6A52C0DA-67BD-4D2A-804C-23E9C48118D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "209F5A28-A1D6-447F-A0FB-58F736661733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "45C16CA7-5860-4D40-B502-DD85B2644952",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "246B53CB-E2E7-4935-B163-32F7FD62C32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "505AF62D-796D-4E8C-8F08-90397B43F57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E554197-5231-48DB-96BC-0BAB310E3FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "35203B1A-8204-4DBC-9FC8-DAFF83CB92C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B34B63F6-4BE7-4AFE-B697-CDDBF47FB08E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F8083E68-5129-4E62-A83D-49C7EC962B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FAFCF886-FA10-4F32-986B-9E4811C27264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "03A16ED7-C5CD-457D-AA1C-5CEC9AD605A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30586725-2E71-4678-9FD6-368E77CE3672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.6.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC87266-672F-4D4A-8651-5DDD59950B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCD1BAF-C495-4C8E-829D-36EE74D87598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11D7887C-5EE5-45CC-B23B-6EBD1FD3DD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "606775C7-AE45-41B5-8C72-19BD7EC0DA94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA18CF4A-31DA-4326-A49E-23B1052BCA4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E88BF492-124C-476F-958C-B08EA4BF4C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5E4155-C81F-48B7-A98A-6C56762F2835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDEDEC04-5615-402D-92C6-B8095A64231F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1238717C-8420-43CA-AECD-7A4811FD182C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB4E2DD-B646-4940-A64A-6DCC87A577B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "19D9F3D0-793B-4D1A-929F-146307F6D62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D4247A24-3D8A-4B75-8B87-DA453DAC6D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "262FC233-4D74-458B-A29D-FA2EFC4A7BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5D659B8B-00D7-46E8-997B-5C4ACAAFCA2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "3A613266-E406-42BF-BD8E-2A0D8F23BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.7.13:*:*:*:*:*:*:*",
"matchCriteriaId": "221C4CD4-B342-4A27-ABED-6A57E7653C20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D829B6-2FF0-4C79-9A69-A7AF05204D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2493D9CF-2FFA-4039-A3EB-92EA7585260C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FF815BB9-1D4C-4A57-8E55-0D16EC3D9F05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "19217087-5886-4841-8E0D-884E4BE5A22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DD2B9F-2ED0-42DF-AA55-FE2FFBD6F8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "449274ED-4486-42DE-806C-60336D64E71E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A934CE25-5D2E-4073-8D99-198ABDF7F66A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "84F3C4D8-F32C-44BA-AF77-1C52D08B08DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A1891B42-FD48-4428-8AF4-1EA1D0619370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "37D02353-015E-45BB-AA81-102FFC83A924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F56658-10CE-44DD-A15F-A36DC3990595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:7.8.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C55FDC1E-DC2C-471E-BB8D-190680FCEEB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B32C0B97-B616-4D7B-B65D-01ED7EAF69E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D83C93B8-9DA5-4D79-807F-0C1F72E43A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA882D4-4F88-461C-AD65-7497D7D0FDD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C674FCB5-A024-4DB9-B896-2DC31846685F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1E96ABDE-C2C4-4200-8C8E-1853246A083B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5640D846-5FA6-4234-B8F0-A743F980D150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8682CD56-83A8-42E9-AE5B-08A885582E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4350D2C5-C7AA-4CB1-A67C-2CEA75CE531F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CD3F0E57-E76C-44DB-B073-5BB1B2FAACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D32AB8C1-9770-4611-99FC-A7D1650FDD81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8030C9FD-D0EE-4483-9106-AE02158E2BD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96AB94CD-A9B4-40F4-B256-A6D43FAB0A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B718A5-DB86-4DA9-AFCF-A1EA778CDF1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:confd_premium:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB51C8A-F38A-430C-987D-A27C3A4EC948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA84DDF5-267B-43D9-83EB-88B8C5179F51",
"versionEndExcluding": "5.4",
"versionStartIncluding": "5.3.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC13A32E-4901-4AA0-8475-B1717BAF18A0",
"versionEndExcluding": "5.5",
"versionStartIncluding": "5.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D94313F6-64E6-4C44-941C-2172C4E5C91A",
"versionEndExcluding": "5.5.10.1",
"versionStartIncluding": "5.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C45E561F-E8A9-48FF-9C2F-04F81C206B0E",
"versionEndExcluding": "5.6.14.3",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "085E241C-7CBC-461D-A8E2-CFDE4CC51948",
"versionEndExcluding": "5.7.15",
"versionStartIncluding": "5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "149BFEE6-09DC-438B-92E5-D87EDD729FAD",
"versionEndExcluding": "5.8.13.1",
"versionStartIncluding": "5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69CA366E-925C-4C7D-911B-0C8102114AD1",
"versionEndIncluding": "6.0.12",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D11D04D-C5DD-43AC-A975-B29EBD58F31B",
"versionEndIncluding": "6.1.7",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19E05905-C38F-4EC3-BE94-AC49CE1D1834",
"versionEndExcluding": "6.2.2",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:5.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "793E72C8-4F9A-4CBC-A8B8-CBAB05427CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:6.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FE5ED6EA-255B-4D3F-BC29-01A852B2E4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C7DE84-CE91-4924-94F2-B878AC83E867",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.\n\n\nThis vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de ConfD y la CLI de Cisco Crosswork Network Services Orchestrator podr\u00eda permitir que un atacante local autenticado y con pocos privilegios lea y escriba archivos arbitrarios como ra\u00edz en el sistema operativo subyacente. Esta vulnerabilidad se debe a una aplicaci\u00f3n inadecuada de la autorizaci\u00f3n cuando se utilizan comandos CLI espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad ejecutando un comando CLI afectado con argumentos manipulados. Un exploit exitoso podr\u00eda permitir al atacante leer o escribir archivos arbitrarios en el sistema operativo subyacente con los privilegios del usuario root."
}
],
"id": "CVE-2024-20326",
"lastModified": "2026-06-17T07:06:26.337",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2024-20326",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T15:55:41.498842Z",
"version": "2.0.3"
}
}
]
},
"published": "2024-05-16T14:15:08.420",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…