CVSS: 8.8EPSS: 0%CPEs: 279EXPL: 0CVE-2024-20381 – Cisco Network Services Orchestrator Configuration Update Authorization Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-20381
A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco Crosswork Network Services Orchestrator (NSO), Cisco Optical Site Manager, and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device. This vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp • CWE-285: Improper Authorization •
CVSS: 7.8EPSS: 0%CPEs: 148EXPL: 0CVE-2024-20366
https://notcve.org/view.php?id=CVE-2024-20366
A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of Cisco Crosswork Network Services Orchestrator (NSO) could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability exists because a user-controlled search path is used to locate executable files. An attacker could exploit this vulnerability by configuring the application in a way that causes a malicious file to be executed. A successful exploit could allow the attacker to execute arbitrary code on an affected device as the root user. To exploit this vulnerability, the attacker would need valid credentials on an affected device. Una vulnerabilidad en el paquete de funciones Tail-f High Availability Cluster Communications (HCC) de Cisco Crosswork Network Services Orchestrator (NSO) podría permitir a un atacante local autenticado elevar los privilegios a root en un dispositivo afectado. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-hcc-priv-esc-OWBWCs5D • CWE-73: External Control of File Name or Path •
CVSS: 4.7EPSS: 0%CPEs: 93EXPL: 0CVE-2024-20369
https://notcve.org/view.php?id=CVE-2024-20369
A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of a parameter in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. Una vulnerabilidad en la interfaz de administración basada en web de Cisco Crosswork Network Services Orchestrator (NSO) podría permitir que un atacante remoto no autenticado redirija a un usuario a una página web maliciosa. Esta vulnerabilidad se debe a una validación de entrada incorrecta de un parámetro en una solicitud HTTP. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-ordir-MNM8YqzO • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •