Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Vulnerability fixed in Cisco Smart Software Manager On-Prem

🗓️ 19 Jul 2024 13:06:00Reported by NCSCType 
ncsc
 ncsc🔗 advisories.ncsc.nl👁 3 Views

A vulnerability in Cisco Smart Software Manager On Prem allowed unauthenticated attackers to change user passwords via a web request, potentially gaining access to the web UI or API.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the Cisco Smart Software Manager On-Premium software authentication system, which stems from the lack of necessary checks during password changes, allows attackers to gain access to the administration web interface.
23 Jul 202400:00
bdu_fstec
Circl		CVE-2024-20419
17 Jul 202419:53
circl
Cisco		Cisco Smart Software Manager On-Prem Password Change Vulnerability
17 Jul 202416:00
cisco
Tenable Nessus		Cisco Smart Software Manager On-Prem Password Change (cisco-sa-cssm-auth-sLw3uhUy)
9 Aug 202400:00
nessus
Tenable Nessus		Cisco Smart Software Manager On-Prem Password Change Vulnerability (CVE-2024-20419) (Direct Check)
8 Aug 202400:00
nessus
CVE		CVE-2024-20419
17 Jul 202416:27
cve
Cvelist		CVE-2024-20419
17 Jul 202416:27
cvelist
Exploit DB		Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover
10 Apr 202500:00
exploitdb
Metasploit		Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419)
24 Sep 202418:53
metasploit
Nuclei		Cisco SSM On-Prem <= 8-202206 - Password Reset Account Takeover
11 Jun 202603:33
nuclei
Rows per page
Vulners
Node
ciscosmart_software_manager_on-premMatch8-202206

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
19 Jul 2024 13:06Current
7High risk
Vulners AI Score7
CVSS 3.110
EPSS0.91469
SSVC
Cisco Smart Software ManagerOn Premunauthenticated attackerpassword changeweb user interfaceapplication programming interface
3