Cisco also dropped a banger 10.0 today, for their SSM On-Prem Password Manager!
CVE-2024-20419A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users.Lmao, so basically it's a one-stop shop for any account an attacker wants.
sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy
#Cisco #Vulnerability #CVE_2024_20419
Taggart :donor: /
npub1ft…k87qx
2024-07-17 17:29:17
Author Public Key
npub1ftansv8hchdst4vngsu808mrc0k3gqd2qw3wkrxrekn5xce6afss2k87qxPublished at
2024-07-17 17:29:17Event JSON
{
"id": "e74057f9f0f9828b681bf12e376b4ddaf38aa498312c09164abe8fdc4e598928",
"pubkey": "4afb3830f7c5db05d5934438779f63c3ed1401aa03a2eb0cc3cda743633aea61",
"created_at": 1721237357,
"kind": 1,
"tags": [
[
"t",
"cisco"
],
[
"t",
"vulnerability"
],
[
"t",
"cve_2024_20419"
],
[
"proxy",
"https://infosec.town/notes/9vtole8vjrbmllyk",
"activitypub"
]
],
"content": "Cisco also dropped a banger 10.0 today, for their SSM On-Prem Password Manager!\n\nCVE-2024-20419A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users.Lmao, so basically it's a one-stop shop for any account an attacker wants.\n\nsec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy\n\n#Cisco #Vulnerability #CVE_2024_20419",
"sig": "5ef5ed348b25f21c292875ebdc2e688a7d5b1326f517cc7ea3445edc85e40198ece5ebbc99b280410928ae8f17f7a3202b25e3db7fa399de49e25752325a6e01"
}