CVE-2024-20333

🗓️ 27 Mar 2024 16:43:33Reported by ciscoType

Vulnerability in Cisco Catalyst Center allows unauthorized data change

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability in the web interface of the Cisco Catalyst Center (formerly Cisco DNA Center) allows a attacker to access and modify data.	4 Apr 202400:00	–	bdu_fstec
Cisco	Cisco Catalyst Center Authorization Bypass Vulnerability	27 Mar 202416:00	–	cisco
CNNVD	Cisco DNA Center 安全漏洞	27 Mar 202400:00	–	cnnvd
CVE	CVE-2024-20333	27 Mar 202416:43	–	cve
EUVD	EUVD-2024-18048	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Cisco products	28 Mar 202400:00	–	ncsc
NVD	CVE-2024-20333	27 Mar 202417:15	–	nvd
OSV	CVE-2024-20333	27 Mar 202417:15	–	osv
Positive Technologies	PT-2024-2568 · Cisco · Cisco Catalyst Center	27 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-20333	23 May 202507:49	–	redhatcve

[
  {
    "vendor": "Cisco",
    "product": "Cisco Digital Network Architecture Center (DNA Center)",
    "versions": [
      {
        "version": "2.1.2.0",
        "status": "affected"
      },
      {
        "version": "2.1.2.3",
        "status": "affected"
      },
      {
        "version": "2.1.2.4",
        "status": "affected"
      },
      {
        "version": "2.1.2.5",
        "status": "affected"
      },
      {
        "version": "2.1.2.6",
        "status": "affected"
      },
      {
        "version": "2.1.2.7",
        "status": "affected"
      },
      {
        "version": "2.1.2.8",
        "status": "affected"
      },
      {
        "version": "2.2.2.3",
        "status": "affected"
      },
      {
        "version": "2.2.1.3",
        "status": "affected"
      },
      {
        "version": "2.2.2.4",
        "status": "affected"
      },
      {
        "version": "2.2.2.5",
        "status": "affected"
      },
      {
        "version": "2.2.2.8",
        "status": "affected"
      },
      {
        "version": "2.2.3.4",
        "status": "affected"
      },
      {
        "version": "2.2.3.3",
        "status": "affected"
      },
      {
        "version": "2.2.2.6",
        "status": "affected"
      },
      {
        "version": "2.2.3.5",
        "status": "affected"
      },
      {
        "version": "2.2.2.9",
        "status": "affected"
      },
      {
        "version": "2.2.3.6",
        "status": "affected"
      },
      {
        "version": "2.3.3.4",
        "status": "affected"
      },
      {
        "version": "2.3.3.5",
        "status": "affected"
      },
      {
        "version": "2.3.3.6",
        "status": "affected"
      },
      {
        "version": "2.3.3.7",
        "status": "affected"
      },
      {
        "version": "2.3.5.3",
        "status": "affected"
      },
      {
        "version": "VA Launchpad 1.2.1",
        "status": "affected"
      },
      {
        "version": "VA Launchpad 1.3.0",
        "status": "affected"
      },
      {
        "version": "VA Launchpad 1.5.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccc-authz-bypass-5EKchJRb

27 Mar 2024 16:43Current

4.9Medium risk

Vulners AI Score4.9

CVSS 3.14.3

EPSS0.00365