CVE-2024-20345
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.
Una vulnerabilidad en la funcionalidad de carga de archivos de Cisco AppDynamics Controller podría permitir que un atacante remoto autenticado realice ataques de directory traversal en un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de la entrada proporcionada por el usuario. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud manipulada a un dispositivo afectado. Un exploit exitoso podría permitir al atacante acceder a datos confidenciales en un dispositivo afectado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-11-08 CVE Reserved
- 2024-03-06 CVE Published
- 2024-11-05 CVE Updated
- 2024-11-06 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-26: Path Traversal: '/dir/../filename'
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-traversal-m7N8mZpF |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.2.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.2.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.2.1 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.2.1" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.2.2 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.2.2" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.2.3 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.2.3" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.2.6 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.2.6" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.2.7 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.2.7" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.2.8 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.2.8" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.10 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.10" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.11 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.11" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.2 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.2" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.3 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.3" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.4 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.4" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.5 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.5" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.6 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.6" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.7 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.7" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.8 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.8" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.4.9 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.4.9" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.11.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.11.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.5.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.5.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.6.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.6.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.12.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.12.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.12.2 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.12.2" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.12.1 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.12.1" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 22.1.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "22.1.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 22.1.1 Search vendor "Cisco" for product "Cisco AppDynamics" and version "22.1.1" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 22.11.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "22.11.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 22.3.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "22.3.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 22.10.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "22.10.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 22.12.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "22.12.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 22.12.1 Search vendor "Cisco" for product "Cisco AppDynamics" and version "22.12.1" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 21.7.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "21.7.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 22.8.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "22.8.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 23.2.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "23.2.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 23.4.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "23.4.0" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 23.7.1 Search vendor "Cisco" for product "Cisco AppDynamics" and version "23.7.1" | en |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Cisco AppDynamics Search vendor "Cisco" for product "Cisco AppDynamics" | 23.7.0 Search vendor "Cisco" for product "Cisco AppDynamics" and version "23.7.0" | en |
Affected
| ||||||