CVE-2024-20394 — Vulnetix

CVE-2024-20394 PUBLISHED CVSS 5.5 MEDIUM

A vulnerability in Cisco AppDynamics Network Visibility Agent could allow an unauthenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the inability to handle unexpected input. An attacker who has local device access could exploit this vulnerability by sending an HTTP request to the targeted service. A successful exploit could allow the attacker to cause a DoS condition by stopping the Network Agent Service on the local device.

EPSS 0.19% · 40.2th percentile

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS Score

0.19%

40.2th percentile

Affected Products

Vendor	Product	Versions
cisco	appdynamics	0, 0, 0
Cisco	Cisco AppDynamics	N/A, N/A

Exploit Intelligence

cisco-sa-appd-netvisdos-9zNbsJtK (circl)

Timeline

May 15, 2024 CVE Published
May 16, 2024 EPSS Score
Jun 9, 2024 EPSS Score
Jul 3, 2024 EPSS Score
Jul 27, 2024 EPSS Score
Aug 9, 2024 CVE Updated
Aug 20, 2024 EPSS Score
Sep 12, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 6, 2024 EPSS Score
Oct 30, 2024 EPSS Score
Nov 23, 2024 EPSS Score

References

cisco-sa-appd-netvisdos-9zNbsJtK url
https://nvd.nist.gov/vuln/detail/CVE-2024-20394 advisory

Open in Interactive Console →