CVE-2024-20332

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device. To successfully exploit this vulnerability, the attacker would need valid Super Admin credentials.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-ssrf-FtSTh5Oz

Configurations

No configuration.

History

01 Nov 2024, 16:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad en la interfaz de administración basada en web de Cisco Identity Services Engine (ISE) podría permitir que un atacante remoto autenticado lleve a cabo un ataque de server-side request forgery (SSRF) a través de un dispositivo afectado. Esta vulnerabilidad se debe a una validación de entrada incorrecta para solicitudes HTTP específicas. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Un exploit exitoso podría permitir al atacante enviar solicitudes de red arbitrarias provenientes del dispositivo afectado. Para explotar con éxito esta vulnerabilidad, el atacante necesitaría credenciales de superadministrador válidas.

03 Apr 2024, 17:24

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-03 17:15

Updated : 2024-11-01 16:35

NVD link : CVE-2024-20332

Mitre link : CVE-2024-20332

CVE.ORG link : CVE-2024-20332

JSON object : View

Products Affected

No product.

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2024-20332", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2024-04-03T17:15:48.713", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-ssrf-FtSTh5Oz", "source": "ykramarz@cisco.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-918"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device. To successfully exploit this vulnerability, the attacker would need valid Super Admin credentials."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Identity Services Engine (ISE) podr\u00eda permitir que un atacante remoto autenticado lleve a cabo un ataque de server-side request forgery (SSRF) a trav\u00e9s de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta para solicitudes HTTP espec\u00edficas. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante enviar solicitudes de red arbitrarias provenientes del dispositivo afectado. Para explotar con \u00e9xito esta vulnerabilidad, el atacante necesitar\u00eda credenciales de superadministrador v\u00e1lidas."}], "lastModified": "2024-11-01T16:35:11.657", "sourceIdentifier": "ykramarz@cisco.com"}