CVE-2024-45208 (GCVE-0-2024-45208)
Vulnerability from cvelistv5
Published: 2025-06-18 23:30
Modified: 2025-06-23 16:04
Severity: 9.8 (CRITICAL), CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The Versa Director SD-WAN orchestration platform makes use of the Cisco NCS application service. Active and Standby Directors communicate over TCP ports 4566 and 4570 to exchange High Availability (HA) information using a shared password. Affected versions of Versa Director bound to these ports on all interfaces. An attacker who can access the Versa Director could access the NCS service on port 4566 and exploit it to perform unauthorized administrative actions and remote code execution. Customers are advised to follow the hardening guide. Versa Networks is not aware of any reported instance where this vulnerability was exploited. A proof of concept for this vulnerability has been disclosed by third-party security researchers.
Impacted products
Vendor: Versa
Product: Director
Affected versions: 21.2.2, 21.2.3, 22.1.1, 22.1.2, 22.1.3, 22.1.4
{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45208",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-23T15:54:05.315403Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-23T16:04:55.377Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Director",
          "vendor": "Versa",
          "versions": [
            {
              "lessThanOrEqual": "21.2.2",
              "status": "affected",
              "version": "21.2.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "21.2.3",
              "status": "affected",
              "version": "21.2.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.1.1",
              "status": "affected",
              "version": "22.1.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.1.2",
              "status": "affected",
              "version": "22.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.1.3",
              "status": "affected",
              "version": "22.1.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.1.4",
              "status": "affected",
              "version": "22.1.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Versa Director SD-WAN orchestration platform which makes use of Cisco NCS application service. Active and Standby Directors communicate over TCP ports 4566 and 4570 to exchange High Availability (HA) information using a shared password. Affected versions of Versa Director bound to these ports on all interfaces. An attacker that can access the Versa Director could access the NCS service on port 4566 and exploit it to perform unauthorized administrative actions and perform remote code execution. Customers are recommended to follow the hardening guide.\r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-18T23:30:53.998Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://security-portal.versa-networks.com/emailbulletins/68526c3cdc94d6b9f2faf718"
        },
        {
          "url": "https://support.versa-networks.com/support/solutions/articles/23000026724-versa-director-ha-port-exploit-discovery-remediation"
        },
        {
          "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4"
        },
        {
          "url": "https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3"
        },
        {
          "url": "https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2"
        },
        {
          "url": "https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3"
        },
        {
          "url": "https://docs.versa-networks.com/Solutions/System_Hardening/Perform_Manual_Hardening_for_Versa_Director#Harden_Port_4566"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-45208",
    "datePublished": "2025-06-18T23:30:53.998Z",
    "dateReserved": "2024-08-23T01:00:01.061Z",
    "dateUpdated": "2025-06-23T16:04:55.377Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

