VDB
CVE-2024-20278
CVE-2024-20278
PUBLISHED
In Cisco IOS XE existieren mehrere Schwachstellen. Diese sind auf Fehler bei der Kontrolle von Privilegien und Nutzereingaben zurückzuführen. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern.
EPSS 0.13% · 31.8th percentile
Risk Scores
EPSS Score
0.13%
31.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco IOS XE |
Exploit Intelligence
- cisco-sa-iosxe-priv-esc-seAx6NLX (circl)
Timeline
- Mar 27, 2024 CVE Published
- Mar 28, 2024 EPSS Score
- Apr 23, 2024 EPSS Score
- May 18, 2024 EPSS Score
- Jun 13, 2024 EPSS Score
- Jul 8, 2024 EPSS Score
- Aug 3, 2024 EPSS Score
- Aug 29, 2024 EPSS Score
- Sep 23, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 19, 2024 EPSS Score
- Nov 13, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0745.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0745 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aux-333WBz8f advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dmi-acl-bypass-Xv8FO8Vz advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ospf-dos-dR9Sfrxp advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-seAx6NLX advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-utd-cmd-JbL8KvHT advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-privesc-RjSMrmPK advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-mdns-dos-4hv6pBGf advisory