CVE-2024-20419 (CVSS 10): Critical Flaw in Cisco Smart Software Manager Opens Door to Account Takeover


Cisco has issued an urgent security alert for a critical vulnerability, CVE-2024-20419, in its Smart Software Manager (SSM) On-Prem and SSM Satellite products. Rated at the highest possible severity (CVSS 10.0), the flaw lets an attacker change the password of any user, including administrators, and thereby obtain full control of the application and the licensing functions it manages.

The Vulnerability Details

The flaw is an improper implementation of the password-change process in Cisco SSM On-Prem and SSM Satellite. An unauthenticated, remote attacker can exploit it by sending crafted HTTP requests to the affected system; no credentials or user interaction are required. A successful exploit lets the attacker reset the password of any account, including administrative ones, and then log in as that user, effectively taking over the application and everything it controls.

Who’s Affected?

The vulnerability affects Cisco SSM On-Prem Release 8-202206 and all earlier releases. That range also covers the product's former name: Cisco SSM Satellite was rebranded as Cisco SSM On-Prem starting with Release 7.0, so installations still running under the SSM Satellite name are affected as well.

Patch Now – No Workarounds Available

Cisco has released software updates that address this vulnerability. Affected organizations must upgrade to Cisco SSM On-Prem Release 8-202212 or later immediately. There are no workarounds available, making patching the only effective defense against this threat.
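The two sections above give everything needed for a fleet-wide version triage: the affected range (8-202206 and earlier) and the first fixed release (8-202212). The following script is an added example, not code from Cisco or from the original article. It parses the release string in the format the advisory uses (a major number, a dash, then YYYYMM), flags any install that predates the fixed build, and sets aside strings it cannot parse so they are reviewed by hand rather than silently treated as patched. The inventory dictionary and host names are constructed sample data; the hostname keys, the `triage` helper and the assumption that every release string follows the `N-YYYYMM` pattern are my own, not Cisco's.

```python
import re
from typing import Dict, List, Tuple

# First release that ships the fix for CVE-2024-20419, per the Cisco advisory.
FIXED_RELEASE = "8-202212"

# Assumption: release strings follow the advisory's "major-YYYYMM" format, e.g. "8-202206".
_RELEASE_RE = re.compile(r"^(\d+)-(\d{6})$")


def parse_release(release: str) -> Tuple[int, int]:
    """Parse an SSM On-Prem release string such as '8-202206' into (major, yyyymm).

    Raises ValueError for anything that does not match the expected format,
    so an unrecognised string is never mistaken for a patched build.
    """
    m = _RELEASE_RE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised SSM On-Prem release string: {release!r}")
    major, yyyymm = int(m.group(1)), int(m.group(2))
    if not 1 <= yyyymm % 100 <= 12:
        raise ValueError(f"invalid month in release string: {release!r}")
    return major, yyyymm


def is_vulnerable(release: str) -> bool:
    """True when the release predates the fixed build (8-202206 and earlier are affected).

    Tuple comparison orders by major release first, then by the YYYYMM date.
    """
    return parse_release(release) < parse_release(FIXED_RELEASE)


def triage(inventory: Dict[str, str]) -> Tuple[List[str], List[str]]:
    """Split an inventory of host -> release into (still affected, could not parse)."""
    affected: List[str] = []
    unknown: List[str] = []
    for host, release in inventory.items():
        try:
            if is_vulnerable(release):
                affected.append(host)
        except ValueError:
            # Unparseable: report it separately rather than assume it is patched.
            unknown.append(host)
    return affected, unknown


# Constructed sample inventory (hypothetical hosts and release strings).
SAMPLE_INVENTORY: Dict[str, str] = {
    "ssm-onprem-dc1": "8-202206",   # last affected release
    "ssm-onprem-dc2": "8-202212",   # first fixed release
    "ssm-onprem-lab": "8-202302",   # later release, fixed
    "ssm-satellite-old": "7-202001",  # pre-8 release, affected
    "ssm-unknown": "n/a",            # not parseable, needs manual review
}

if __name__ == "__main__":
    still_affected, needs_review = triage(SAMPLE_INVENTORY)
    print("Affected by CVE-2024-20419:", still_affected)
    print("Could not determine release:", needs_review)
```

Feed it the release strings you collect from each SSM On-Prem instance; anything in the first list needs the upgrade to 8-202212 or later, and anything in the second list needs a manual look before it is marked clean.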

As of the advisory release, Cisco’s Product Security Incident Response Team (PSIRT) has stated that there have been no public announcements or known instances of malicious exploitation of the CVE-2024-20419 vulnerability. However, due to the critical nature and ease of exploitation, it is essential to address this issue promptly to prevent any potential breaches.