CVE-2024-20252
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.4%
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks that perform arbitrary actions on an affected device.
Note: “Cisco Expressway Series” refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices.
For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:expressway | cisco expressway | le | 15.0 |
CNA Affected
[
{
"vendor": "Cisco",
"product": "Cisco TelePresence Video Communication Server (VCS) Expressway",
"versions": [
{
"version": "X8.5.1",
"status": "affected"
},
{
"version": "X8.5.3",
"status": "affected"
},
{
"version": "X8.5",
"status": "affected"
},
{
"version": "X8.6.1",
"status": "affected"
},
{
"version": "X8.6",
"status": "affected"
},
{
"version": "X8.1.1",
"status": "affected"
},
{
"version": "X8.1.2",
"status": "affected"
},
{
"version": "X8.1",
"status": "affected"
},
{
"version": "X8.2.1",
"status": "affected"
},
{
"version": "X8.2.2",
"status": "affected"
},
{
"version": "X8.2",
"status": "affected"
},
{
"version": "X8.7.1",
"status": "affected"
},
{
"version": "X8.7.2",
"status": "affected"
},
{
"version": "X8.7.3",
"status": "affected"
},
{
"version": "X8.7",
"status": "affected"
},
{
"version": "X8.8.1",
"status": "affected"
},
{
"version": "X8.8.2",
"status": "affected"
},
{
"version": "X8.8.3",
"status": "affected"
},
{
"version": "X8.8",
"status": "affected"
},
{
"version": "X8.9.1",
"status": "affected"
},
{
"version": "X8.9.2",
"status": "affected"
},
{
"version": "X8.9",
"status": "affected"
},
{
"version": "X8.10.0",
"status": "affected"
},
{
"version": "X8.10.1",
"status": "affected"
},
{
"version": "X8.10.2",
"status": "affected"
},
{
"version": "X8.10.3",
"status": "affected"
},
{
"version": "X8.10.4",
"status": "affected"
},
{
"version": "X12.5.8",
"status": "affected"
},
{
"version": "X12.5.9",
"status": "affected"
},
{
"version": "X12.5.0",
"status": "affected"
},
{
"version": "X12.5.2",
"status": "affected"
},
{
"version": "X12.5.7",
"status": "affected"
},
{
"version": "X12.5.3",
"status": "affected"
},
{
"version": "X12.5.4",
"status": "affected"
},
{
"version": "X12.5.5",
"status": "affected"
},
{
"version": "X12.5.1",
"status": "affected"
},
{
"version": "X12.5.6",
"status": "affected"
},
{
"version": "X12.6.0",
"status": "affected"
},
{
"version": "X12.6.1",
"status": "affected"
},
{
"version": "X12.6.2",
"status": "affected"
},
{
"version": "X12.6.3",
"status": "affected"
},
{
"version": "X12.6.4",
"status": "affected"
},
{
"version": "X12.7.0",
"status": "affected"
},
{
"version": "X12.7.1",
"status": "affected"
},
{
"version": "X8.11.1",
"status": "affected"
},
{
"version": "X8.11.2",
"status": "affected"
},
{
"version": "X8.11.4",
"status": "affected"
},
{
"version": "X8.11.3",
"status": "affected"
},
{
"version": "X8.11.0",
"status": "affected"
},
{
"version": "X14.0.1",
"status": "affected"
},
{
"version": "X14.0.3",
"status": "affected"
},
{
"version": "X14.0.2",
"status": "affected"
},
{
"version": "X14.0.4",
"status": "affected"
},
{
"version": "X14.0.5",
"status": "affected"
},
{
"version": "X14.0.6",
"status": "affected"
},
{
"version": "X14.0.7",
"status": "affected"
},
{
"version": "X14.0.8",
"status": "affected"
},
{
"version": "X14.0.9",
"status": "affected"
},
{
"version": "X14.0.10",
"status": "affected"
},
{
"version": "X14.0.11",
"status": "affected"
},
{
"version": "X14.2.1",
"status": "affected"
},
{
"version": "X14.2.2",
"status": "affected"
},
{
"version": "X14.2.5",
"status": "affected"
},
{
"version": "X14.2.6",
"status": "affected"
},
{
"version": "X14.2.0",
"status": "affected"
},
{
"version": "X14.2.7",
"status": "affected"
},
{
"version": "X14.3.0",
"status": "affected"
},
{
"version": "X14.3.1",
"status": "affected"
},
{
"version": "X14.3.2",
"status": "affected"
}
]
}
]Social References
More
Related
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.4%