CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
Confidence
High
According to its self-reported version, Cisco Expressway Edge Improper Authorization is affected by a vulnerability.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
#TRUSTED 90822eed4970fb056312904d840afbd502a425ca1a21da00853407c4834c5df3ba0a6a2a536eb4c29ce9e1a7d35bcf1f97b67d26d0236708f5e6faf4968f43561fa054a4aac09eb74a6660b28ffeba3b859d4ae2e6fbacaad5f051335af710e1d2e61d2aa33fee8652b370febe00d36b32a1dbb6d6e4f3399f013819a602abb124d2d14317a8831b42da12b664904fd5f1650b1297aa3f2ba43f8d3c6685c66d9c1738d643ba858afd431d785249425a3edb4751a133d80ee4949b1e626c1ad7ff20a185f3c842cc72d02f74864367f242ffa241175594a91def18c5114d45531753bf42d13e48df5349cc017e67092a80de658326ec0718fa20a915e1cf6f7af27dd39a961c782ddbb835d6343047a44d2707646e3522fa4f9427ed30f38885a408f2f6df6f929e2be028c4b0da5138848ea43a3ff8936eaeb7d6e15c59f487a43a82d5d8dc39d0ff2f01928c3c1d1589d53825c8d26397f2991431d9418068841ef213a516ce3f0e222f24beaca080ba2bf610ffb8d28ac455806392a992a7cdee43c439c410b6102e14ce6d052b47ea4a041661e82931fb90a86a2b28d20698928f0e2537550fa68574541c8ec0f4766387d26a1a1d4713af6c36ded8e91c5f3d9a54694ed9c42329d6f29dde8e92d201f94a1922660eefbd295921dfc898635aec31af37fda7f0e8a47330580c80ac416819ed08ff7e1a5a91f74b3b2851
#TRUST-RSA-SHA256 7bd8197b081f12488eaa97045919d4f8a807cf0f5cc960113874c96ea6eb388bd6876a37e19c0d9381217b7ff7ee0e3f522747fb1d53dc7f56da7edf771b179442fb42118d5fc6c4c2b5ea9fd8c40a806906cd348d0f4a7082b86bb91f1dd535c99a48cd71d3cb7e22fd0c2b67680b9a4acf0daa8044491aecd61f33ff81782601729e61b8b75a68a3520734124a64ee9edb76017776884ad488af882fa3139585f761a091156880a559a3a404c3553c2589d792bf1077151929db26db3036441133b79249a1b62aefdac1deb374efc494a4e0036cef10769c695ffc0817bc3c9803b5e90d3d8981c7a0f71bdf4f2e61405a1783124f240bde77760571538688a727c4b7fa0b90b703bcc991f72de281fabfc884e963d193f32832e66d00df4c22f2baf3d0ee16cfeee7b0799f022ba52a8cb0717e1451a665afc5747fd6fc68c0049e38c5998939ea0f283c9f1ac61f87c3000f106dd6cd2fbe7c7a108eb8dae0af3fab3b8ad71f0eaed436acc242d8b85e54f556d2f406417ae4d68d79c9d0f5a881998f39aa282645ce4d0ab1c860f849a446edfb3633ca7ae572876bc9d7d271b7c8bdab7bc9e090ba8a333d0c01b3ab1807285dc7ed993bd197c6e88ea89d14d3db388f8777cf448be8999098b36928f2ee24a5c933a579177e24309504987a15bf92e98b96720c22bdd87039b1501298cebcbdb8d6532534964fdafb2b
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(206980);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/13");
script_cve_id("CVE-2024-20497");
script_xref(name:"CISCO-BUG-ID", value:"CSCwa25058");
script_xref(name:"CISCO-SA", value:"cisco-sa-expressway-auth-kdFrcZ2j");
script_xref(name:"IAVA", value:"2024-A-0548");
script_name(english:"Cisco Expressway Edge Improper Authorization (cisco-sa-expressway-auth-kdFrcZ2j)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco Expressway Edge Improper Authorization is affected by a vulnerability.
- A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to
masquerade as another user on an affected system. This vulnerability is due to inadequate authorization
checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a
series of crafted commands. A successful exploit could allow the attacker to intercept calls that are
destined for a particular phone number or to make phone calls and have that phone number appear on the
caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected
system. (CVE-2024-20497)
Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
# https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3d8260b9");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa25058");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwa25058");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-20497");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(285);
script_set_attribute(attribute:"vuln_publication_date", value:"2024/09/04");
script_set_attribute(attribute:"patch_publication_date", value:"2024/09/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/09/11");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:telepresence_video_communication_server");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:telepresence_video_communication_server_software");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_telepresence_video_communication_server_detect.nbin");
script_require_keys("Cisco/TelePresence_VCS/Version");
exit(0);
}
include('ccf.inc');
var product_info = cisco::get_product_info(name:'Cisco TelePresence VCS');
var vuln_ranges = [
{ 'min_ver':'0.0', 'fix_ver' : '15.2' }
];
var reporting = make_array(
'port' , 0,
'severity' , SECURITY_WARNING,
'version' , product_info['version'],
'bug_id' , 'CSCwa25058',
'disable_caveat', TRUE
);
cisco::check_and_report(
product_info:product_info,
reporting:reporting,
vuln_ranges:vuln_ranges
);