CVE-2024-20439: Cisco Smart Licensing Utility Static Credential Vulnerability
First published: Wed Sep 04 2024(Updated: )
A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to login to the affected system. A successful exploit could allow the attacker to login to the affected system with administrative rights over the CSLU application API.
Credit: psirt@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Smart Licensing Utility | >=2.0.0<2.3.0 | |
| Cisco Smart Licensing Utility | ||
| >=2.0.0<2.3.0 |
Remedy
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/cisco-warns-of-backdoor-admin-account-in-smart-licensing-utility/
- https://www.bleepingcomputer.com/news/security/critical-cisco-smart-licensing-utility-flaws-now-exploited-in-attacks/
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
- https://nvd.nist.gov/vuln/detail/CVE-2024-20439
- https://www.bleepingcomputer.com/news/security/cisco-warns-of-cslu-backdoor-admin-account-used-in-attacks/
Frequently Asked Questions
What is the severity of CVE-2024-20439?
The severity of CVE-2024-20439 is classified as high due to the potential for unauthorized access to systems.
How do I fix CVE-2024-20439?
To fix CVE-2024-20439, update Cisco Smart Licensing Utility to the latest version that addresses the static credential issue.
What systems are affected by CVE-2024-20439?
CVE-2024-20439 affects Cisco Smart Licensing Utility versions between 2.0.0 and 2.3.0.
Can CVE-2024-20439 be exploited remotely?
Yes, CVE-2024-20439 can be exploited remotely by an unauthenticated attacker.
What is the cause of CVE-2024-20439?
CVE-2024-20439 is caused by the presence of an undocumented static user credential for an administrative account.
- agent/title
- agent/type
- agent/first-publish-date
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-20439
- alias/CVE-2024-20440
- alias/CVE-2024-20419
- alias/CVE-2024-20399
- alias/CVE-2024-20353
- alias/CVE-2024-20359
- agent/weakness
- alias/CVE-2024-0305
- agent/severity
- collector/cisa-known-exploited
- source/CISA
- exploited/true
- agent/software-canonical-lookup
- agent/source
- agent/references
- agent/remedy
- agent/trending
- agent/softwarecombine
- collector/nvd-cve
- source/NVD
- agent/event
- agent/author
- agent/tags
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- agent/last-modified-date
- agent/description
- agent/news-ai
- vendor/cisco
- canonical/cisco smart licensing utility
- version/cisco smart licensing utility/2.0.0