A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by submitting crafted input when executing remote CLI commands over SSH. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system.
References
Configurations
Configuration 1 (hide)
|
History
01 Aug 2025, 16:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.33:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:* |
|
First Time |
Cisco
Cisco adaptive Security Appliance Software |
|
References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-rce-gRAuPEUF - Vendor Advisory | |
References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO - Broken Link | |
References | () https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300 - Vendor Advisory |
25 Oct 2024, 12:56
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
23 Oct 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-23 17:15
Updated : 2025-08-01 16:00
NVD link : CVE-2024-20329
Mitre link : CVE-2024-20329
CVE.ORG link : CVE-2024-20329
JSON object : View
Products Affected
cisco
- adaptive_security_appliance_software
CWE
CWE-146
Improper Neutralization of Expression/Command Delimiters