CVE-2024-20334

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Apr 3, 2024

CWE ID 20

Summary

CVE-2024-20334 is a vulnerability affecting the web-based management interface of Cisco TelePresence Management Suite (TMS). This issue permits a low-privileged, remote attacker to carry out cross-site scripting (XSS) attacks against users of the interface. The vulnerability arises due to insufficient input validation within the interface, allowing an attacker to insert malicious data. Successful exploitation of this flaw could enable the attacker to execute arbitrary script code within the context of the affected interface or access sensitive browser-based information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vLTuXw
https://www.cve.org/CVERecord?id=CVE-2024-20334
https://nvd.nist.gov/vuln/detail/CVE-2024-20334

Back to Vulnerability Database

CVE-2024-20334

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations