Vulnerabilites related to cisco - confd_basic
Vulnerability from fkie_nvd
Published
2025-04-16 22:15
Modified
2025-07-30 19:24
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
References
security-advisories@github.comhttps://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12Patch
security-advisories@github.comhttps://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892fPatch
security-advisories@github.comhttps://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891Patch
security-advisories@github.comhttps://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2025/04/16/2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2025/04/18/1Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2025/04/18/2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2025/04/18/6Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2025/04/19/1Mailing List
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20250425-0001/Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://github.com/ProDefense/CVE-2025-32433/blob/main/CVE-2025-32433.pyExploit
134c704f-9b21-4f2e-91b3-4a467353bcc0https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZyThird Party Advisory
Impacted products
Vendor Product Version
erlang erlang\/otp *
erlang erlang\/otp *
erlang erlang\/otp *
cisco confd_basic *
cisco confd_basic *
cisco confd_basic *
cisco confd_basic *
cisco confd_basic *
cisco network_services_orchestrator *
cisco network_services_orchestrator *
cisco network_services_orchestrator *
cisco network_services_orchestrator *
cisco network_services_orchestrator *
cisco network_services_orchestrator *
cisco cloud_native_broadband_network_gateway *
cisco inode_manager -
cisco smart_phy *
cisco ultra_packet_core *
cisco ultra_services_platform -
cisco staros *
cisco optical_site_manager *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_2000_shelf_virtualization_orchestrator_firmware *
cisco ncs_2000_shelf_virtualization_orchestrator_module -
cisco enterprise_nfv_infrastructure_software *
cisco ultra_cloud_core *
cisco rv160w_firmware -
cisco rv160w -
cisco rv260_firmware -
cisco rv260 -
cisco rv160_firmware -
cisco rv160 -
cisco rv260p_firmware -
cisco rv260p -
cisco rv260w_firmware -
cisco rv260w -
cisco rv340_firmware -
cisco rv340 -
cisco rv340w_firmware -
cisco rv340w -
cisco rv345_firmware -
cisco rv345 -
cisco rv345p_firmware -
cisco rv345p -


To clipboard 

{
  "cisaActionDue": "2025-06-30",
  "cisaExploitAdd": "2025-06-09",
  "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E83BFB53-C1CC-4F9E-9794-EE0057EE770B",
              "versionEndExcluding": "25.3.2.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4842AC3A-E1AE-491A-AFCE-F3669397CA82",
              "versionEndExcluding": "26.2.5.11",
              "versionStartIncluding": "26.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36383ED9-EA7D-4AFF-B2C7-1FFD16207C54",
              "versionEndExcluding": "27.3.3",
              "versionStartIncluding": "27.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD911AA-C8F6-4109-A3B4-602AEAF2C77D",
              "versionEndExcluding": "7.7.19.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B6F7512-CAC2-42DE-B150-D56AE6F78053",
              "versionEndExcluding": "8.1.16.2",
              "versionStartIncluding": "8.0.18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F1269B5-554F-42E0-95A1-BD22C5C23309",
              "versionEndExcluding": "8.2.11.1",
              "versionStartIncluding": "8.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D1C890C-D8CA-45FB-B70E-3960B0E9D41B",
              "versionEndExcluding": "8.3.8.1",
              "versionStartIncluding": "8.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F31D4A-E5B4-4ED3-BE3C-07FFA0F4D689",
              "versionEndExcluding": "8.4.4.1",
              "versionStartIncluding": "8.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C911AA6C-9CD2-48F5-BC9B-A2D1AACEED03",
              "versionEndExcluding": "5.7.19.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A800C1C-CED2-4D88-ADD3-1705DF8D1611",
              "versionEndExcluding": "6.1.16.2",
              "versionStartIncluding": "5.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C18189F-8645-4801-9217-B7A1E3539F89",
              "versionEndExcluding": "6.2.11.1",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B4EF3D5-5633-4C99-B4AE-360A2A3B985B",
              "versionEndExcluding": "6.3.8.1",
              "versionStartIncluding": "6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "553AEE68-3FBE-453B-BD12-03FAF3BA6F2C",
              "versionEndExcluding": "6.4.1.1",
              "versionStartIncluding": "6.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DCC5384-91EF-44D6-908B-CC019036273A",
              "versionEndExcluding": "6.4.4.1",
              "versionStartIncluding": "6.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cloud_native_broadband_network_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F813EFB7-F2E8-4E36-BBF3-1FA1C2CB6035",
              "versionEndExcluding": "2025.03.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:inode_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA1A6D3F-C7B9-415B-AE44-A263BFAA8B21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14D75E9-5247-4D0F-A92E-10821629089D",
              "versionEndExcluding": "25.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ultra_packet_core:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25BC4E65-0344-45F3-8570-CEBEAA26D302",
              "versionEndExcluding": "2025.03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ultra_services_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "378484EF-6E71-4D73-8864-538A869F8D08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDADC228-B7DA-405D-B704-4E6198D4308E",
              "versionEndExcluding": "2025.03",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:optical_site_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A91EBA2-5C6A-43D1-9657-E0B0B2D214F4",
              "versionEndExcluding": "25.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ncs_2000_shelf_virtualization_orchestrator_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FBA50A5-A1E7-41C4-AC8C-19A2393ACF89",
              "versionEndExcluding": "25.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_2000_shelf_virtualization_orchestrator_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66F36B9-0E4E-4AE0-9102-9B963C5E67D6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:enterprise_nfv_infrastructure_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B41BD0FB-372F-418B-A453-232D04C7C055",
              "versionEndExcluding": "4.18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ultra_cloud_core:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41890CCA-16A7-429C-8A31-F467141171A7",
              "versionEndExcluding": "2025.03.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv160w_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4C81717-86CA-4B78-B60B-1ABEA71D0243",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv160w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B7E3792-5D0F-4CCC-874D-512059CA8E12",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv260_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8B9D17F-A3E5-498D-9AE1-11915FEF8B3B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FFC99C1-954E-408B-8A08-C79941350F05",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D5DF69-3106-40B4-9DEA-1655EC394E01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC1DC21D-8C6C-4CE7-B5CB-8646659B02BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv260p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BA3E845-95EC-4CAD-8105-2348F8D58E3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv260p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A62A6E2F-FA43-4F40-A684-651FEDAC2114",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv260w_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33291CE9-C896-4798-BAD3-5ACA2A412E92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv260w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95737F9F-1779-4AAB-875E-2CD586A8B780",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv340_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAA54684-D12C-4050-AFD3-A1A3E2B6585F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A4411AC-2A74-4315-BA6B-D7E1AA538BDB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv340w_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7440DB48-9ACC-4D14-A042-12946145AB45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv340w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E55019-F969-4ACD-A6C8-1D2EE05F8EE4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv345_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6DBB708-31C2-499B-B6DC-2DC3501F2FDE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv345:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E91E68B-CBE9-462E-82D4-6F588B8E84E8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv345p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26BE8976-95F2-41DB-A76B-E67CF07DF500",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv345p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5120BAB7-FB3A-481E-9ECD-48341846AFBD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules."
    },
    {
      "lang": "es",
      "value": "Erlang/OTP es un conjunto de librer\u00edas para el lenguaje de programaci\u00f3n Erlang. En versiones anteriores a OTP-27.3.3, OTP-26.2.5.11 y OTP-25.3.2.20, un servidor SSH pod\u00eda permitir a un atacante realizar una ejecuci\u00f3n remota de c\u00f3digo (RCE) sin autenticaci\u00f3n. Al explotar una falla en la gesti\u00f3n de mensajes del protocolo SSH, un atacante podr\u00eda obtener acceso no autorizado a los sistemas afectados y ejecutar comandos arbitrarios sin credenciales v\u00e1lidas. Este problema est\u00e1 corregido en las versiones OTP-27.3.3, OTP-26.2.5.11 y OTP-25.3.2.20. Una soluci\u00f3n temporal consiste en deshabilitar el servidor SSH o impedir el acceso mediante reglas de firewall."
    }
  ],
  "id": "CVE-2025-32433",
  "lastModified": "2025-07-30T19:24:19.250",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-16T22:15:14.373",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2025/04/16/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2025/04/18/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2025/04/18/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2025/04/18/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2025/04/19/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20250425-0001/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit"
      ],
      "url": "https://github.com/ProDefense/CVE-2025-32433/blob/main/CVE-2025-32433.py"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-05-16 14:15
Modified
2025-07-30 19:17
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8Vendor Advisory
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3fVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3fVendor Advisory
Impacted products
Vendor Product Version
cisco crosswork_network_services_orchestrator 6.2.1
cisco crosswork_network_services_orchestrator 6.0.11
cisco confd_basic 8.0.11


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C7DE84-CE91-4924-94F2-B878AC83E867",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:6.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE5ED6EA-255B-4D3F-BC29-01A852B2E4CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B602FC1-4CEE-4D36-B54D-4720E5148351",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ConfD CLI and the Cisco  Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.\n\n\nThis vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI de ConfD y la CLI de Cisco Crosswork Network Services Orchestrator podr\u00eda permitir que un atacante local autenticado y con pocos privilegios lea y escriba archivos arbitrarios como usuario root en el sistema operativo subyacente. Esta vulnerabilidad se debe a una aplicaci\u00f3n incorrecta de la autorizaci\u00f3n cuando se utilizan comandos CLI espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad ejecutando un comando CLI afectado con argumentos creados. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer o escribir archivos arbitrarios en el sistema operativo subyacente con los privilegios del usuario root."
    }
  ],
  "id": "CVE-2024-20389",
  "lastModified": "2025-07-30T19:17:36.073",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-16T14:15:08.670",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-266"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-05-16 14:15
Modified
2025-07-25 14:39
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8Vendor Advisory
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3fVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3fVendor Advisory
Impacted products
Vendor Product Version
cisco confd_basic 7.1.7
cisco confd_basic 7.8.3
cisco confd_basic 8.0
cisco confd_basic 8.0.1
cisco confd_basic 8.0.2
cisco confd_basic 8.0.3
cisco confd_basic 8.0.4
cisco confd_basic 8.0.5
cisco confd_basic 8.0.6
cisco confd_basic 8.0.7
cisco confd_basic 8.0.8
cisco confd_basic 8.0.9
cisco confd_basic 8.0.10
cisco confd_basic 8.0.11
cisco confd_premium 7.3.5
cisco confd_premium 7.3.5.1
cisco confd_premium 7.3.5.2
cisco confd_premium 7.3.6
cisco confd_premium 7.4.5
cisco confd_premium 7.4.5.1
cisco confd_premium 7.4.5.2
cisco confd_premium 7.4.5.3
cisco confd_premium 7.4.6
cisco confd_premium 7.4.7
cisco confd_premium 7.4.8
cisco confd_premium 7.5.3
cisco confd_premium 7.5.3.1
cisco confd_premium 7.5.3.2
cisco confd_premium 7.5.4
cisco confd_premium 7.5.4.1
cisco confd_premium 7.5.4.2
cisco confd_premium 7.5.4.3
cisco confd_premium 7.5.5
cisco confd_premium 7.5.5.1
cisco confd_premium 7.5.6
cisco confd_premium 7.5.6.1
cisco confd_premium 7.5.6.2
cisco confd_premium 7.5.7
cisco confd_premium 7.5.8
cisco confd_premium 7.5.9
cisco confd_premium 7.5.10
cisco confd_premium 7.6
cisco confd_premium 7.6.1
cisco confd_premium 7.6.2
cisco confd_premium 7.6.3
cisco confd_premium 7.6.4
cisco confd_premium 7.6.5
cisco confd_premium 7.6.6
cisco confd_premium 7.6.7
cisco confd_premium 7.6.8
cisco confd_premium 7.6.8.1
cisco confd_premium 7.6.9
cisco confd_premium 7.6.10
cisco confd_premium 7.6.11
cisco confd_premium 7.6.12
cisco confd_premium 7.6.13
cisco confd_premium 7.6.14
cisco confd_premium 7.6.14.1
cisco confd_premium 7.7
cisco confd_premium 7.7.1
cisco confd_premium 7.7.2
cisco confd_premium 7.7.3
cisco confd_premium 7.7.4
cisco confd_premium 7.7.5
cisco confd_premium 7.7.5.1
cisco confd_premium 7.7.6
cisco confd_premium 7.7.7
cisco confd_premium 7.7.8
cisco confd_premium 7.7.9
cisco confd_premium 7.7.10
cisco confd_premium 7.7.11
cisco confd_premium 7.7.12
cisco confd_premium 7.7.13
cisco confd_premium 7.8
cisco confd_premium 7.8.1
cisco confd_premium 7.8.2
cisco confd_premium 7.8.3
cisco confd_premium 7.8.4
cisco confd_premium 7.8.5
cisco confd_premium 7.8.6
cisco confd_premium 7.8.7
cisco confd_premium 7.8.8
cisco confd_premium 7.8.9
cisco confd_premium 7.8.10
cisco confd_premium 7.8.11
cisco confd_premium 8.0
cisco confd_premium 8.0.1
cisco confd_premium 8.0.2
cisco confd_premium 8.0.3
cisco confd_premium 8.0.4
cisco confd_premium 8.0.5
cisco confd_premium 8.0.6
cisco confd_premium 8.0.7
cisco confd_premium 8.0.8
cisco confd_premium 8.1
cisco confd_premium 8.1.1
cisco confd_premium 8.1.2
cisco confd_premium 8.1.3
cisco confd_premium 8.1.4
cisco crosswork_network_services_orchestrator *
cisco crosswork_network_services_orchestrator *
cisco crosswork_network_services_orchestrator *
cisco crosswork_network_services_orchestrator *
cisco crosswork_network_services_orchestrator *
cisco crosswork_network_services_orchestrator *
cisco crosswork_network_services_orchestrator *
cisco crosswork_network_services_orchestrator *
cisco crosswork_network_services_orchestrator *
cisco crosswork_network_services_orchestrator 5.1.7
cisco crosswork_network_services_orchestrator 6.0.11
cisco crosswork_network_services_orchestrator 6.2.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:7.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BAFEB0D-15E8-4ED5-AA2F-FCFF784462DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:7.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3573A37A-D137-4B9A-8302-0D0562AB5784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFDCDF0C-B190-4570-AE4A-4F2DD1A52F41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48CC77F0-2188-467C-82F2-A3E77350A650",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "109545B7-86B5-4B56-A361-AF08EF0E15A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "59ED080F-7BAC-453C-84DC-7945E988F912",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC92BEB7-7EFF-4A8F-ACB8-8A33A2BC68E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A712A2EC-DD0E-40D3-A757-F3CB40C056BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE7F5A5E-A3BB-479B-8D00-9181BE6DB324",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CDABDB-73AB-46FB-B54B-EC8092312799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "567988DF-F202-4832-A50A-AA9EF478DC30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71011A4-69D3-4024-B197-17546BDFC418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3E38FB-A91D-4950-A478-8774F7104C32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_basic:8.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B602FC1-4CEE-4D36-B54D-4720E5148351",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "955FAB89-5884-49B8-844F-8F793F94533A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BB8262B-91D8-4D5D-99FE-442747683608",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE14C54F-030F-433B-8D18-493FFAFD2615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "15789D7E-1DD2-40EF-AAF1-9A249E5A1EEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F83248-56C2-450B-85B0-8F3D7927A0B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.4.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4E6CD2D-04B5-4416-816F-34E75334D28D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.4.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DD6DEF-3DD8-46CC-BBDA-B1CB02EA863E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.4.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6462F420-CDD3-4CCB-ADDA-9D4C637C62A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E674A274-04C7-45D3-A03C-6D6D47D9B6EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "30FB9787-2D1F-4385-86CF-0F634525F6BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4B9EE4A-AD51-4F8B-BD6C-6AB9C7D5CA67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E9B1FC-1F97-44A7-BF73-CCD4E1BA813B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3595108-C8C9-46AE-9191-CCC4E30524BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42C6434-1760-45E9-821F-B10F2363EBC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "25EC546A-3F75-45A1-9A4F-AA88366460A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "53814C24-83B0-4C9D-A344-8C42A2C76A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FCE4AC-EAE7-4231-A249-7090E249AC11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7232B7D0-C34C-4045-B683-69D3815E74C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "43110F62-AD93-4F23-944E-17279A5A805B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9959AF-36DC-48A1-9439-C2962DDA47F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FB0439B-DE71-4118-AF1F-687024718654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B23A29A4-663E-49AE-9A27-9BA9DF90DC00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "74F51011-A9D2-4D62-A9A2-42718A3E1E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FA83B18-264D-4418-AE3B-485FEA777A7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBE45D50-68A8-4E1B-8285-153AB0B6B1C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "88928CAC-6177-4255-BF79-011853775223",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7514B52B-47BC-4349-825A-752234D8AAF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B771559D-BEE1-44FB-87EB-5D80BE58966A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1062A5FF-D0BB-42F3-89C0-AC530DD219D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A15F9A59-951D-468E-94F5-BE676563AAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A887CB-BBEC-473F-8ABB-7E62061A7BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A52C0DA-67BD-4D2A-804C-23E9C48118D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "209F5A28-A1D6-447F-A0FB-58F736661733",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C16CA7-5860-4D40-B502-DD85B2644952",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "246B53CB-E2E7-4935-B163-32F7FD62C32C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "505AF62D-796D-4E8C-8F08-90397B43F57F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E554197-5231-48DB-96BC-0BAB310E3FBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "35203B1A-8204-4DBC-9FC8-DAFF83CB92C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B34B63F6-4BE7-4AFE-B697-CDDBF47FB08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8083E68-5129-4E62-A83D-49C7EC962B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAFCF886-FA10-4F32-986B-9E4811C27264",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "03A16ED7-C5CD-457D-AA1C-5CEC9AD605A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "30586725-2E71-4678-9FD6-368E77CE3672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.6.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC87266-672F-4D4A-8651-5DDD59950B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CCD1BAF-C495-4C8E-829D-36EE74D87598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D7887C-5EE5-45CC-B23B-6EBD1FD3DD03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "606775C7-AE45-41B5-8C72-19BD7EC0DA94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA18CF4A-31DA-4326-A49E-23B1052BCA4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E88BF492-124C-476F-958C-B08EA4BF4C81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A5E4155-C81F-48B7-A98A-6C56762F2835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDEDEC04-5615-402D-92C6-B8095A64231F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1238717C-8420-43CA-AECD-7A4811FD182C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBB4E2DD-B646-4940-A64A-6DCC87A577B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D9F3D0-793B-4D1A-929F-146307F6D62C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4247A24-3D8A-4B75-8B87-DA453DAC6D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "262FC233-4D74-458B-A29D-FA2EFC4A7BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D659B8B-00D7-46E8-997B-5C4ACAAFCA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A613266-E406-42BF-BD8E-2A0D8F23BB60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.7.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "221C4CD4-B342-4A27-ABED-6A57E7653C20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6D829B6-2FF0-4C79-9A69-A7AF05204D84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2493D9CF-2FFA-4039-A3EB-92EA7585260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF815BB9-1D4C-4A57-8E55-0D16EC3D9F05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "19217087-5886-4841-8E0D-884E4BE5A22B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3DD2B9F-2ED0-42DF-AA55-FE2FFBD6F8B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "449274ED-4486-42DE-806C-60336D64E71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A934CE25-5D2E-4073-8D99-198ABDF7F66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F3C4D8-F32C-44BA-AF77-1C52D08B08DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1891B42-FD48-4428-8AF4-1EA1D0619370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "37D02353-015E-45BB-AA81-102FFC83A924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56658-10CE-44DD-A15F-A36DC3990595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:7.8.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C55FDC1E-DC2C-471E-BB8D-190680FCEEB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B32C0B97-B616-4D7B-B65D-01ED7EAF69E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D83C93B8-9DA5-4D79-807F-0C1F72E43A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBA882D4-4F88-461C-AD65-7497D7D0FDD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C674FCB5-A024-4DB9-B896-2DC31846685F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E96ABDE-C2C4-4200-8C8E-1853246A083B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5640D846-5FA6-4234-B8F0-A743F980D150",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8682CD56-83A8-42E9-AE5B-08A885582E4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4350D2C5-C7AA-4CB1-A67C-2CEA75CE531F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F0E57-E76C-44DB-B073-5BB1B2FAACE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32AB8C1-9770-4611-99FC-A7D1650FDD81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8030C9FD-D0EE-4483-9106-AE02158E2BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96AB94CD-A9B4-40F4-B256-A6D43FAB0A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B718A5-DB86-4DA9-AFCF-A1EA778CDF1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:confd_premium:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFB51C8A-F38A-430C-987D-A27C3A4EC948",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA84DDF5-267B-43D9-83EB-88B8C5179F51",
              "versionEndExcluding": "5.4",
              "versionStartIncluding": "5.3.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC13A32E-4901-4AA0-8475-B1717BAF18A0",
              "versionEndExcluding": "5.5",
              "versionStartIncluding": "5.4.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94313F6-64E6-4C44-941C-2172C4E5C91A",
              "versionEndExcluding": "5.5.10.1",
              "versionStartIncluding": "5.5.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C45E561F-E8A9-48FF-9C2F-04F81C206B0E",
              "versionEndExcluding": "5.6.14.3",
              "versionStartIncluding": "5.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "085E241C-7CBC-461D-A8E2-CFDE4CC51948",
              "versionEndExcluding": "5.7.15",
              "versionStartIncluding": "5.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "149BFEE6-09DC-438B-92E5-D87EDD729FAD",
              "versionEndExcluding": "5.8.13.1",
              "versionStartIncluding": "5.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69CA366E-925C-4C7D-911B-0C8102114AD1",
              "versionEndIncluding": "6.0.12",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D11D04D-C5DD-43AC-A975-B29EBD58F31B",
              "versionEndIncluding": "6.1.7",
              "versionStartIncluding": "6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19E05905-C38F-4EC3-BE94-AC49CE1D1834",
              "versionEndExcluding": "6.2.2",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:5.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "793E72C8-4F9A-4CBC-A8B8-CBAB05427CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:6.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE5ED6EA-255B-4D3F-BC29-01A852B2E4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crosswork_network_services_orchestrator:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C7DE84-CE91-4924-94F2-B878AC83E867",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ConfD CLI and the Cisco  Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.\n\n\nThis vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la CLI de ConfD y la CLI de Cisco Crosswork Network Services Orchestrator podr\u00eda permitir que un atacante local autenticado y con pocos privilegios lea y escriba archivos arbitrarios como ra\u00edz en el sistema operativo subyacente. Esta vulnerabilidad se debe a una aplicaci\u00f3n inadecuada de la autorizaci\u00f3n cuando se utilizan comandos CLI espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad ejecutando un comando CLI afectado con argumentos manipulados. Un exploit exitoso podr\u00eda permitir al atacante leer o escribir archivos arbitrarios en el sistema operativo subyacente con los privilegios del usuario root."
    }
  ],
  "id": "CVE-2024-20326",
  "lastModified": "2025-07-25T14:39:47.173",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-16T14:15:08.420",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CVE-2024-20326 (GCVE-0-2024-20326)
Vulnerability from cvelistv5
Published
2024-05-16 14:08
Modified
2024-08-01 21:59
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.
References
Impacted products
Vendor Product Version
Cisco Cisco ConfD Version: 7.3.5
Version: 7.3.5.2
Version: 7.3.5.1
Version: 7.3.6
Version: 7.4.5.3
Version: 7.4.5.2
Version: 7.4.6
Version: 7.4.5.1
Version: 7.4.8
Version: 7.4.5
Version: 7.4.7
Version: 7.5.10
Version: 7.5.4
Version: 7.5.3.2
Version: 7.5.3.1
Version: 7.5.4.2
Version: 7.5.4.1
Version: 7.5.6.2
Version: 7.5.5
Version: 7.5.8
Version: 7.5.9
Version: 7.5.6
Version: 7.5.4.3
Version: 7.5.6.1
Version: 7.5.7
Version: 7.5.5.1
Version: 7.5.3
Version: 7.7
Version: 7.6
Version: 7.8
Version: 7.6.12
Version: 7.6.11
Version: 7.6.9
Version: 7.6.5
Version: 7.6.1
Version: 7.6.14.1
Version: 7.6.8.1
Version: 7.6.2
Version: 7.6.4
Version: 7.6.8
Version: 7.6.7
Version: 7.6.10
Version: 7.6.3
Version: 7.6.13
Version: 7.6.14
Version: 7.6.6
Version: 7.7.7
Version: 7.7.13
Version: 7.7.4
Version: 7.7.8
Version: 7.7.9
Version: 7.7.12
Version: 7.7.2
Version: 7.7.5
Version: 7.7.5.1
Version: 7.7.6
Version: 7.7.10
Version: 7.7.1
Version: 7.7.3
Version: 7.7.11
Version: 7.8.8
Version: 7.8.4
Version: 7.8.2
Version: 7.8.7
Version: 7.8.9
Version: 7.8.11
Version: 7.8.5
Version: 7.8.1
Version: 7.8.3
Version: 7.8.6
Version: 7.8.10
Version: 8.0.4
Version: 8.0.8
Version: 8.0.5
Version: 8.0.7
Version: 8.0.2
Version: 8.0.1
Version: 8.0.3
Version: 8.0.6
Version: 8.1
Version: 8.0
Version: 8.1.2
Version: 8.1.4
Version: 8.1.1
Version: 8.1.3
 Create a notification for this product.
   Cisco Cisco ConfD Basic Version: 8.0.1
Version: 8.0.6
Version: 8.0.4
Version: 8.0.2
Version: 8.0.3
Version: 8.0.5
Version: 8.0.10
Version: 8.0.11
Version: 8.0.7
Version: 8.0.8
Version: 8.0.9
Version: 7.8.3
Version: 8.0
 Create a notification for this product.
   Cisco Cisco Network Services Orchestrator Version: N/A
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:7.5.3:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "7.5.10.2",
                "status": "affected",
                "version": "7.5.3",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:7.6:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "7.6.14.2",
                "status": "affected",
                "version": "7.6",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:7.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "7.7.15",
                "status": "affected",
                "version": "7.7",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:7.8:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "7.8.13.1",
                "status": "affected",
                "version": "7.8",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:8.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "8.0.12",
                "status": "affected",
                "version": "8.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:7.1.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "7.1.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:7.2.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "7.2.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:7.3.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "7.3.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:7.4.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "7.4.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:5.1.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "5.1.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:5.2.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "5.2.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:5.3.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "5.3.5"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:5.4.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "5.4.5"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:5.5.3:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "5.5.10.1",
                "status": "affected",
                "version": "5.5.3",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:5.6:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "5.6.14.3",
                "status": "affected",
                "version": "5.6",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:5.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": " \t5.7.15",
                "status": "affected",
                "version": "5.7",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:5.8:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": " \t5.8.13.1",
                "status": "affected",
                "version": "5.8",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:6.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "6.0.12",
                "status": "affected",
                "version": "6.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:6.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "6.1.7",
                "status": "affected",
                "version": "6.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:6.2:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "6.2.2",
                "status": "affected",
                "version": "6.2",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20326",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-16T15:55:41.498842Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-77",
                "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:40:29.191Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:59:41.542Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-nso-rwpesc-qrQGnh3f",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
          },
          {
            "name": "cisco-sa-cnfd-rwpesc-ZAOufyx8",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco ConfD",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.3.5"
            },
            {
              "status": "affected",
              "version": "7.3.5.2"
            },
            {
              "status": "affected",
              "version": "7.3.5.1"
            },
            {
              "status": "affected",
              "version": "7.3.6"
            },
            {
              "status": "affected",
              "version": "7.4.5.3"
            },
            {
              "status": "affected",
              "version": "7.4.5.2"
            },
            {
              "status": "affected",
              "version": "7.4.6"
            },
            {
              "status": "affected",
              "version": "7.4.5.1"
            },
            {
              "status": "affected",
              "version": "7.4.8"
            },
            {
              "status": "affected",
              "version": "7.4.5"
            },
            {
              "status": "affected",
              "version": "7.4.7"
            },
            {
              "status": "affected",
              "version": "7.5.10"
            },
            {
              "status": "affected",
              "version": "7.5.4"
            },
            {
              "status": "affected",
              "version": "7.5.3.2"
            },
            {
              "status": "affected",
              "version": "7.5.3.1"
            },
            {
              "status": "affected",
              "version": "7.5.4.2"
            },
            {
              "status": "affected",
              "version": "7.5.4.1"
            },
            {
              "status": "affected",
              "version": "7.5.6.2"
            },
            {
              "status": "affected",
              "version": "7.5.5"
            },
            {
              "status": "affected",
              "version": "7.5.8"
            },
            {
              "status": "affected",
              "version": "7.5.9"
            },
            {
              "status": "affected",
              "version": "7.5.6"
            },
            {
              "status": "affected",
              "version": "7.5.4.3"
            },
            {
              "status": "affected",
              "version": "7.5.6.1"
            },
            {
              "status": "affected",
              "version": "7.5.7"
            },
            {
              "status": "affected",
              "version": "7.5.5.1"
            },
            {
              "status": "affected",
              "version": "7.5.3"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.6.12"
            },
            {
              "status": "affected",
              "version": "7.6.11"
            },
            {
              "status": "affected",
              "version": "7.6.9"
            },
            {
              "status": "affected",
              "version": "7.6.5"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.6.14.1"
            },
            {
              "status": "affected",
              "version": "7.6.8.1"
            },
            {
              "status": "affected",
              "version": "7.6.2"
            },
            {
              "status": "affected",
              "version": "7.6.4"
            },
            {
              "status": "affected",
              "version": "7.6.8"
            },
            {
              "status": "affected",
              "version": "7.6.7"
            },
            {
              "status": "affected",
              "version": "7.6.10"
            },
            {
              "status": "affected",
              "version": "7.6.3"
            },
            {
              "status": "affected",
              "version": "7.6.13"
            },
            {
              "status": "affected",
              "version": "7.6.14"
            },
            {
              "status": "affected",
              "version": "7.6.6"
            },
            {
              "status": "affected",
              "version": "7.7.7"
            },
            {
              "status": "affected",
              "version": "7.7.13"
            },
            {
              "status": "affected",
              "version": "7.7.4"
            },
            {
              "status": "affected",
              "version": "7.7.8"
            },
            {
              "status": "affected",
              "version": "7.7.9"
            },
            {
              "status": "affected",
              "version": "7.7.12"
            },
            {
              "status": "affected",
              "version": "7.7.2"
            },
            {
              "status": "affected",
              "version": "7.7.5"
            },
            {
              "status": "affected",
              "version": "7.7.5.1"
            },
            {
              "status": "affected",
              "version": "7.7.6"
            },
            {
              "status": "affected",
              "version": "7.7.10"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.7.3"
            },
            {
              "status": "affected",
              "version": "7.7.11"
            },
            {
              "status": "affected",
              "version": "7.8.8"
            },
            {
              "status": "affected",
              "version": "7.8.4"
            },
            {
              "status": "affected",
              "version": "7.8.2"
            },
            {
              "status": "affected",
              "version": "7.8.7"
            },
            {
              "status": "affected",
              "version": "7.8.9"
            },
            {
              "status": "affected",
              "version": "7.8.11"
            },
            {
              "status": "affected",
              "version": "7.8.5"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "7.8.3"
            },
            {
              "status": "affected",
              "version": "7.8.6"
            },
            {
              "status": "affected",
              "version": "7.8.10"
            },
            {
              "status": "affected",
              "version": "8.0.4"
            },
            {
              "status": "affected",
              "version": "8.0.8"
            },
            {
              "status": "affected",
              "version": "8.0.5"
            },
            {
              "status": "affected",
              "version": "8.0.7"
            },
            {
              "status": "affected",
              "version": "8.0.2"
            },
            {
              "status": "affected",
              "version": "8.0.1"
            },
            {
              "status": "affected",
              "version": "8.0.3"
            },
            {
              "status": "affected",
              "version": "8.0.6"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "8.0"
            },
            {
              "status": "affected",
              "version": "8.1.2"
            },
            {
              "status": "affected",
              "version": "8.1.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            },
            {
              "status": "affected",
              "version": "8.1.3"
            }
          ]
        },
        {
          "product": "Cisco ConfD Basic",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.1"
            },
            {
              "status": "affected",
              "version": "8.0.6"
            },
            {
              "status": "affected",
              "version": "8.0.4"
            },
            {
              "status": "affected",
              "version": "8.0.2"
            },
            {
              "status": "affected",
              "version": "8.0.3"
            },
            {
              "status": "affected",
              "version": "8.0.5"
            },
            {
              "status": "affected",
              "version": "8.0.10"
            },
            {
              "status": "affected",
              "version": "8.0.11"
            },
            {
              "status": "affected",
              "version": "8.0.7"
            },
            {
              "status": "affected",
              "version": "8.0.8"
            },
            {
              "status": "affected",
              "version": "8.0.9"
            },
            {
              "status": "affected",
              "version": "7.8.3"
            },
            {
              "status": "affected",
              "version": "8.0"
            }
          ]
        },
        {
          "product": "Cisco Network Services Orchestrator",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the ConfD CLI and the Cisco  Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.\n\n\nThis vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-16T14:08:18.634Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-nso-rwpesc-qrQGnh3f",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
        },
        {
          "name": "cisco-sa-cnfd-rwpesc-ZAOufyx8",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
        }
      ],
      "source": {
        "advisory": "cisco-sa-nso-rwpesc-qrQGnh3f",
        "defects": [
          "CSCwj67262",
          "CSCwi31715"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20326",
    "datePublished": "2024-05-16T14:08:18.634Z",
    "dateReserved": "2023-11-08T15:08:07.640Z",
    "dateUpdated": "2024-08-01T21:59:41.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20389 (GCVE-0-2024-20389)
Vulnerability from cvelistv5
Published
2024-05-16 14:08
Modified
2024-08-01 21:59
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-266 - Incorrect Privilege Assignment
Summary
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.
References
Impacted products
Vendor Product Version
Cisco Cisco ConfD Version: N/A
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:confd:8.0.11:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "confd",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "8.0.12",
                "status": "affected",
                "version": "8.0.11",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:6.0.11:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "6.0.12",
                "status": "affected",
                "version": "6.0.11",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:cisco:network_services_orchestrator:6.2.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "network_services_orchestrator",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "6.2.2",
                "status": "affected",
                "version": "6.2.1",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20389",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-16T16:46:34.641203Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:40:25.932Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:59:42.248Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-nso-rwpesc-qrQGnh3f",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
          },
          {
            "name": "cisco-sa-cnfd-rwpesc-ZAOufyx8",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco ConfD",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "product": "Cisco ConfD Basic",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.11"
            }
          ]
        },
        {
          "product": "Cisco Network Services Orchestrator",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.0.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the ConfD CLI and the Cisco  Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.\n\n\nThis vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-266",
              "description": "Incorrect Privilege Assignment",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-16T14:08:21.745Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-nso-rwpesc-qrQGnh3f",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
        },
        {
          "name": "cisco-sa-cnfd-rwpesc-ZAOufyx8",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
        }
      ],
      "source": {
        "advisory": "cisco-sa-nso-rwpesc-qrQGnh3f",
        "defects": [
          "CSCwj72783",
          "CSCwi84310"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20389",
    "datePublished": "2024-05-16T14:08:21.745Z",
    "dateReserved": "2023-11-08T15:08:07.658Z",
    "dateUpdated": "2024-08-01T21:59:42.248Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32433 (GCVE-0-2025-32433)
Vulnerability from cvelistv5
Published
2025-04-16 21:34
Modified
2025-07-30 01:36
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-306 - Missing Authentication for Critical Function
Summary
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
References
Impacted products
Vendor Product Version
erlang otp Version: >= OTP-27.0-rc1, < OTP-27.3.3
Version: >= OTP-26.0-rc1, < OTP-26.2.5.11
Version: < OTP-25.3.2.20
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-25T23:03:01.788Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/04/16/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/04/18/1"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/04/18/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/04/18/6"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/04/19/1"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250425-0001/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32433",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-09T17:53:15.926462Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-06-09",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32433"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:36:14.974Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/ProDefense/CVE-2025-32433/blob/main/CVE-2025-32433.py"
          },
          {
            "tags": [
              "vendor-advisory"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-06-09T00:00:00+00:00",
            "value": "CVE-2025-32433 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "otp",
          "vendor": "erlang",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= OTP-27.0-rc1, \u003c OTP-27.3.3"
            },
            {
              "status": "affected",
              "version": "\u003e= OTP-26.0-rc1, \u003c OTP-26.2.5.11"
            },
            {
              "status": "affected",
              "version": "\u003c OTP-25.3.2.20"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306: Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-16T21:34:37.457Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2"
        },
        {
          "name": "https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12"
        },
        {
          "name": "https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f"
        },
        {
          "name": "https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891"
        }
      ],
      "source": {
        "advisory": "GHSA-37cp-fgq5-7wc2",
        "discovery": "UNKNOWN"
      },
      "title": "Erlang/OTP SSH Vulnerable to Pre-Authentication RCE"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-32433",
    "datePublished": "2025-04-16T21:34:37.457Z",
    "dateReserved": "2025-04-08T10:54:58.368Z",
    "dateUpdated": "2025-07-30T01:36:14.974Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}