CVE-2024-20383

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published May 15, 2024

CWE ID 79

Summary

CVE-2024-20383 is a recently identified vulnerability affecting the Cisco Crosswork NSO CLI and ConfD CLI. This issue grants authenticated, low-privileged, local attackers the ability to elevate privileges to root on the underlying operating system. The vulnerability arises due to incorrect privilege assignment when certain CLI commands are executed. An attacker can exploit this flaw by executing an affected command, potentially gaining elevated system access. This vulnerability poses a significant risk and requires immediate remediation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v8lDvk
https://www.cve.org/CVERecord?id=CVE-2024-20383
https://nvd.nist.gov/vuln/detail/CVE-2024-20383

Back to Vulnerability Database

CVE-2024-20383

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations