CVE-2024-20531

Summary

CVE-2024-20531 is a vulnerability in the API of Cisco ISE that allows authenticated, remote attackers to read arbitrary files on the underlying operating system and conduct server-side request forgery (SSRF) attacks. This vulnerability arises due to the API's improper handling of XML External Entity (XXE) entries when parsing XML input. An attacker can exploit this vulnerability by sending a specially crafted API request to an affected device, requiring valid Super Admin credentials. A successful exploit could result in the attacker gaining unauthorized access to sensitive information or conducting unauthorized actions through the affected device.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.