CVE-2024-20469: Cisco Identity Services Engine Command Injection Vulnerability
First published: Wed Sep 04 2024(Updated: )
A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid Administrator privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Identity Services Engine | =3.2 | |
| Cisco Identity Services Engine | =3.2-patch1 | |
| Cisco Identity Services Engine | =3.2-patch2 | |
| Cisco Identity Services Engine | =3.2-patch3 | |
| Cisco Identity Services Engine | =3.2-patch4 | |
| Cisco Identity Services Engine | =3.2-patch5 | |
| Cisco Identity Services Engine | =3.2-patch6 | |
| Cisco Identity Services Engine | =3.3 | |
| Cisco Identity Services Engine | =3.3-patch1 | |
| Cisco Identity Services Engine | =3.3-patch2 | |
| Cisco Identity Services Engine | =3.3-patch3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-20469?
CVE-2024-20469 is classified as a critical vulnerability due to its potential to allow command injection and privilege escalation to root.
How do I fix CVE-2024-20469?
To mitigate CVE-2024-20469, update Cisco Identity Services Engine to the latest patched version recommended by Cisco.
What versions are affected by CVE-2024-20469?
CVE-2024-20469 affects Cisco Identity Services Engine versions 3.2, 3.2-patch1 through 3.2-patch6, and 3.3, including the first three patches.
Who can exploit CVE-2024-20469?
Only an authenticated local attacker with access to specific CLI commands can exploit the CVE-2024-20469 vulnerability.
What actions can an attacker perform with CVE-2024-20469?
An attacker exploiting CVE-2024-20469 can execute arbitrary commands on the underlying operating system with root privileges.
- agent/title
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-20469
- alias/CVE-2024-20295
- alias/CVE-2024-20401
- agent/references
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/tags
- agent/trending
- agent/source
- vendor/cisco
- canonical/cisco identity services engine
- version/cisco identity services engine/3.2
- version/cisco identity services engine/3.2-patch1
- version/cisco identity services engine/3.2-patch2
- version/cisco identity services engine/3.2-patch3
- version/cisco identity services engine/3.2-patch4
- version/cisco identity services engine/3.2-patch5
- version/cisco identity services engine/3.2-patch6
- version/cisco identity services engine/3.3
- version/cisco identity services engine/3.3-patch1
- version/cisco identity services engine/3.3-patch2
- version/cisco identity services engine/3.3-patch3