- 76/2024
- High
Cisco has released security updates to fix several vulnerabilities across multiple Cisco products.
The addressed vulnerabilities could allow the attacker to obtain sensitive information, conduct cross-site scripting attacks, gain elevated privileges, or execute arbitrary code, and gain access to the affected products.
Sample of the addressed vulnerabilities:
1. Cisco Secure Client Carriage Return Line Feed Injection (CVE-2024-20337):
- CVSS: 8.2
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
2. Cisco Secure Client for Linux with ISE Posture Module Privilege Escalation Vulnerability (CVE-2024-20338):
- CVSS: 7.3
- Attack Vector: Local
- Attack Complexity: Low
- Privileges RequiredLow
- User Interaction: Required
- Consequences: Gain Privileges
The affected products:
- Cisco Secure Client for Linux and have the ISE Posture module installed.
- Secure Client for Linux, macOS, and Windows, and the VPN headend is configured with the SAML External Browser feature.
- Cisco Small Business 100, 300, and 500 Series Wireless APs and firmware releases.
- Cisco Duo Authentication for Windows Logon and RDP.
- Cisco AppDynamics Controller cloud-based.
Vulnerabilities
- CVE-2024-20335
- CVE-2024-20336
- CVE-2024-20337
- CVE-2024-20338
- CVE-2024-20345
- CVE-2024-20346
- CVE-2024-20292
- CVE-2024-20301
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.