CVE-2024-20439

🗓️ 04 Sep 2024 16:28:39Reported by ciscoType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 352 Views

A vulnerability in Cisco Smart Licensing Utility allows unauthenticated remote access using static administrative credentia

Reporter	Title	Published	Views	Family All 22
ATTACKERKB	CVE-2024-20439	4 Sep 202400:00	–	attackerkb
BDU FSTEC	The vulnerability of the Cisco Smart License Utility software management software lies in its ability to disclose information through registration files, allowing a violator to gain unauthorized access to confidential information and unauthorized access to the API.	6 Sep 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Cisco Smart License Utility software management software lies in undocumented static user credentials. This allows a malicious individual to gain unauthorized access to confidential information and to access the API without proper authorization.	6 Sep 202400:00	–	bdu_fstec
Circl	CVE-2024-20439	4 Sep 202420:15	–	circl
CISA KEV Catalog	Cisco Smart Licensing Utility Static Credential Vulnerability	31 Mar 202500:00	–	cisa_kev
CISA	Cisco Releases Security Updates for Cisco Smart Licensing Utility	10 Sep 202412:00	–	cisa
CISA	CISA Adds One Known Exploited Vulnerability to Catalog	31 Mar 202512:00	–	cisa
Cisco	Cisco Smart Licensing Utility Vulnerabilities	4 Sep 202416:00	–	cisco
Tenable Nessus	Cisco Smart Licensing Utility (CSLU) 2.x < 2.3.0 Multiple Vulnerabilities (cisco-sa-cslu-7gHMzWmw)	5 Sep 202400:00	–	nessus
CNNVD	Cisco Smart Licensing Utility 信任管理问题漏洞	4 Sep 202400:00	–	cnnvd

NVD

Node

cisco smart_license_utilityRange2.0.0–2.3.0

[
  {
    "vendor": "Cisco",
    "product": "Cisco Smart License Utility",
    "versions": [
      {
        "version": "2.1.0",
        "status": "affected"
      },
      {
        "version": "2.0.0",
        "status": "affected"
      },
      {
        "version": "2.2.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

17 Jun 2026 07:07Current

9.5High risk

Vulners AI Score9.5

CVSS 3.19.8

EPSS0.9201

SSVC

cisco smart licensing remote access static credential administrative privileges