VDB
CVE-2024-20306
CVE-2024-20306
PUBLISHED
In Cisco IOS XE existiert eine Schwachstelle. Diese ist auf eine unzureichende Validierung von Nutzereingaben zurückzuführen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen.
EPSS 0.02% · 7.2th percentile
Risk Scores
EPSS Score
0.02%
7.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco IOS XE |
Exploit Intelligence
- cisco-sa-iosxe-utd-cmd-JbL8KvHT (circl)
Timeline
- Mar 27, 2024 CVE Published
- Mar 28, 2024 EPSS Score
- Apr 23, 2024 EPSS Score
- May 18, 2024 EPSS Score
- Jun 13, 2024 EPSS Score
- Jul 8, 2024 EPSS Score
- Aug 3, 2024 EPSS Score
- Aug 16, 2024 CVE Updated
- Aug 29, 2024 EPSS Score
- Sep 23, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 19, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0745.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0745 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aux-333WBz8f advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dmi-acl-bypass-Xv8FO8Vz advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ospf-dos-dR9Sfrxp advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-seAx6NLX advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-utd-cmd-JbL8KvHT advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-privesc-RjSMrmPK advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-mdns-dos-4hv6pBGf advisory