

Severity
Medium
Analysis Summary
CVE-2024-20537 CVSS:6.5
Cisco Identity Services Engine could allow a remote authenticated attacker to bypass security restrictions because of improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass access restrictions and execute specific administrative functions.
CVE-2024-20538 CVSS:6.1
Cisco Identity Services Engine is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-20539 CVSS:4.8
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface.
Impact
- Security Bypass
- Cross-Site Scripting
Indicators of Compromise
CVE
- CVE-2024-20537
- CVE-2024-20538
- CVE-2024-20539
Affected Vendors
Affected Products
- Cisco Identity Services Engine Software
Remediation
Refer to the Cisco Security Advisory for patch, upgrade, or suggested workaround information.