
nessus | This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof. | CISCO-SA-ISE-REST-5BPKRNTZ.NASL
History: Sep 10, 2024 - 12:00 a.m.

Cisco Identity Services Engine REST API Blind SQLi (cisco-sa-ise-rest-5bPKrNtZ)

2024-09-10 00:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
cisco identity services engine
rest api
blind sql injection
vulnerabilities
authenticated
remote attacker
crafted input
data modification
cve-2024-20417
security advisory

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

AI Score

7.2

Confidence

High

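According to its self-reported version, the Cisco Identity Services Engine (ISE) software on the remote device is affected by blind SQL injection (SQLi) vulnerabilities in its REST API. The finding is based on the reported version and patch level only; the REST API itself is not tested.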

  • Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct blind SQL injection attacks. These vulnerabilities are due to insufficient validation of user-supplied input in REST API calls. An attacker could exploit these vulnerabilities by sending crafted input to an affected device. A successful exploit could allow the attacker to view or modify data on the affected device. (CVE-2024-20417)

Please see the included Cisco bug IDs and Cisco Security Advisory for more information.

#TRUSTED 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
#TRUST-RSA-SHA256 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
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

# Description block: when the script is run with `description` set, it only
# registers the plugin's metadata and then exits (see exit(0) at the end), so
# none of the version-check logic below this block executes in that mode.
if (description)
{
  # Plugin identity and revision of this plugin file.
  script_id(206882);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/17");

  # Cross-references: one CVE, the four Cisco bug IDs, the Cisco advisory ID
  # and the IAVA notice that this finding maps to.
  script_cve_id("CVE-2024-20417");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwj94294");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwj94297");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwj94305");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwj94315");
  script_xref(name:"CISCO-SA", value:"cisco-sa-ise-rest-5bPKrNtZ");
  script_xref(name:"IAVA", value:"2024-A-0414-S");

  script_name(english:"Cisco Identity Services Engine REST API Blind SQLi (cisco-sa-ise-rest-5bPKrNtZ)");

  # Report text. The description states that the finding comes from the
  # device's self-reported version, i.e. it is not a confirmation that the
  # REST API was exercised.
  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco Identity Services Engine REST API Blind SQL Injection Vulnerabilities is
affected by a Blind SQL Injection (SQLi) vulnerability.

  - Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an
    authenticated, remote attacker to conduct blind SQL injection attacks. These vulnerabilities are due to
    insufficient validation of user-supplied input in REST API calls. An attacker could exploit these
    vulnerabilities by sending crafted input to an affected device. A successful exploit could allow the
    attacker to view or modify data on the affected device. (CVE-2024-20417)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
  # References: the first see_also is a shortened link, presumably resolving
  # to the advisory URL in the comment below; the rest are the bug pages.
  # https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rest-5bPKrNtZ
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7be112f7");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwj94294");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwj94297");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwj94305");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwj94315");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwj94294, CSCwj94297, CSCwj94305, CSCwj94315");
  # Severity scoring. Base vectors: network-reachable, low complexity, but the
  # attacker must already hold high privileges (PR:H; Au:M in CVSS2). Impact is
  # on confidentiality and integrity only (A:N), matching "view or modify data"
  # in the description. Temporal vectors: exploit unproven (E:U), official fix
  # (RL:O / RL:OF), report confidence confirmed (RC:C).
  # The CVSS3 vectors are declared with the 3.0 prefix.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-20417");

  # Exploit status as recorded by the plugin author; CWE-89 is SQL injection.
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(89);

  # Disclosure, patch and plugin publication dates.
  script_set_attribute(attribute:"vuln_publication_date", value:"2024/08/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/08/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/09/10");

  # plugin_type "local": the result is derived from data already collected
  # from the host, not from requests sent to the REST API by this script.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:identity_services_engine");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:identity_services_engine");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:identity_services_engine_software");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  # Information-gathering category and plugin family.
  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Scheduling: the ISE detection plugin is declared as a dependency, and the
  # knowledge-base key "Host/Cisco/ISE/version" is required. If detection did
  # not record a version, this check has nothing to evaluate, so a missing
  # finding does not by itself show the device is patched.
  script_dependencies("cisco_ise_detect.nbin");
  script_require_keys("Host/Cisco/ISE/version");

  exit(0);
}

include('ccf.inc');
include('cisco_ise_func.inc');

# Version check: fetch the detected ISE product information, work out which
# patch level the detected version needs, and hand both to the shared Cisco
# reporting helper. Nothing in this section sends input to the REST API.
# get_product_info, get_required_patch and check_and_report are not defined in
# this file; presumably they come from the includes above (ccf.inc,
# cisco_ise_func.inc) -- TODO confirm.
var product_info = cisco::get_product_info(name:'Cisco Identity Services Engine Software');

# One entry per release train: min_ver, fix_ver and the patch number required
# on that train. How the bounds are compared (inclusive or exclusive) is
# decided inside the helpers, which are not visible here.
# NOTE(review): no entry has a min_ver above 3.3, so later trains are never
# flagged by this table -- confirm against the advisory's affected releases.
# NOTE(review): per the inline comments, the 3.2 and 3.3 patches were not yet
# released when the plugin shipped, so hosts on those trains would be reported
# with no installable fix at that time.
var vuln_ranges = [
  {'min_ver':'0.0', 'fix_ver':'3.1.0.518', required_patch:'10'},
  {'min_ver':'3.2', 'fix_ver':'3.2.0.542', required_patch:'7'}, # At the time of plugin release 3.2 Patch 7 is slated for release September 2024
  {'min_ver':'3.3', 'fix_ver':'3.3.0.430', required_patch:'4'}, # At the time of plugin release 3.3 Patch 4 is slated for release October 2024
];

# Select the patch requirement that applies to the detected version.
var required_patch = get_required_patch(vuln_ranges:vuln_ranges, version:product_info['version']);  

# Report parameters: port 0, SECURITY_HOLE severity, the detected version, an
# 'sqli' flag and the four Cisco bug IDs.
# NOTE(review): 'disable_caveat' is TRUE; it presumably suppresses a caveat
# line in the report output -- confirm in the helper, since the finding still
# rests on version and patch data alone.
var reporting = make_array(
  'port'          , 0,
  'severity'      , SECURITY_HOLE,
  'version'       , product_info['version'],
  'flags'         , {'sqli':TRUE},
  'bug_id'        , 'CSCwj94294, CSCwj94297, CSCwj94305, CSCwj94315',
  'disable_caveat', TRUE
);

# Compare the detected version and patch level with vuln_ranges and report.
cisco::check_and_report(
  product_info:product_info,
  reporting:reporting,
  vuln_ranges:vuln_ranges,
  required_patch: required_patch
);

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

AI Score

7.2

Confidence

High
