TheCyberThrone

Cisco fixes Critical Vulnerability - CVE-2024-20419


Cisco has released a patch for a critical vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers that allows an unauthenticated, remote attacker to change any user's password, including those of administrative users.

The vulnerability, tracked as CVE-2024-20419 with a CVSS score of 10.0, is due to an improper implementation of the password-change process. An attacker can trigger it by sending specially crafted HTTP requests to an affected device.


The attack is exploitable over the network with low complexity, requires no privileges and no user interaction, and its impact on confidentiality, integrity and availability is rated high across the board.

The vulnerability affects Cisco SSM On-Prem and Cisco SSM Satellite. These are two names for the same product: SSM Satellite is the name used for releases before 7.0.

Releases 8-202206 and earlier are vulnerable; organizations running them should upgrade to the fixed release 8-202212, or better still to release 9, which is not affected by the vulnerability.
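The affected and fixed releases above can be turned into a small triage check for an inventory of SSM On-Prem / SSM Satellite hosts. The following is an added example written for this page, not code from the article or from Cisco; the version-string formats it accepts (for instance "8-202206", "9.0", "7.0.1", "Release 8-202212"), the host inventory and the status names are assumptions made for the example.

```python
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Optional

# Affected/fixed releases as stated in the article for CVE-2024-20419.
LAST_VULNERABLE_8 = 202206   # "8-202206 and earlier" are affected
FIRST_FIXED_8 = 202212       # fixed release named by Cisco
UNAFFECTED_MAJOR = 9         # release 9 is not affected

# Assumed version-string shapes: optional "v"/"Release" prefix, a major number,
# an optional "-YYYYMM" build suffix (release 8 style) and optional ".x.y" parts.
VERSION_RE = re.compile(
    r"^\s*(?:v|release\s*)?(\d+)(?:-(\d{6}))?(?:\.\d+)*\s*$", re.IGNORECASE
)


@dataclass(frozen=True)
class Verdict:
    version: str
    status: str   # "vulnerable", "fixed", "not_affected" or "unknown"
    action: str


def parse_version(text: str) -> Optional[tuple[int, Optional[int]]]:
    """Return (major, build) for an SSM version string, or None if unparseable.

    build is the six-digit YYYYMM suffix used by release 8 (e.g. 202206),
    or None for releases written as "9", "9.0", "7.0.1", "6.3.0".
    """
    m = VERSION_RE.match(text)
    if not m:
        return None
    major = int(m.group(1))
    build = int(m.group(2)) if m.group(2) else None
    return major, build


def assess(version: str) -> Verdict:
    """Map one version string onto the advisory's affected/fixed ranges."""
    parsed = parse_version(version)
    if parsed is None:
        return Verdict(version, "unknown",
                       "Unrecognised version format; read it from the appliance.")
    major, build = parsed

    if major >= UNAFFECTED_MAJOR:
        return Verdict(version, "not_affected", "Release 9 is not affected.")

    if major < 8:
        # Covers release 7.x and the older SSM Satellite builds (pre-7.0).
        return Verdict(version, "vulnerable",
                       "Migrate to 8-202212 or later, or to release 9.")

    # major == 8: the build suffix decides.
    if build is None:
        return Verdict(version, "unknown",
                       "Release 8 without a build suffix; determine the YYYYMM build.")
    if build <= LAST_VULNERABLE_8:
        return Verdict(version, "vulnerable", "Upgrade to 8-202212 (or release 9).")
    if build >= FIRST_FIXED_8:
        return Verdict(version, "fixed", "No action for CVE-2024-20419.")
    # A build between 202206 and 202212 is not named by the advisory.
    return Verdict(version, "unknown",
                   "Build not listed in the advisory; confirm with Cisco.")


def triage(inventory: dict[str, str]) -> list[Verdict]:
    """Assess every host in a {hostname: version} mapping."""
    return [assess(v) for v in inventory.values()]


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = {
        "ssm-lab-01": "8-202206",
        "ssm-prod-01": "8-202212",
        "ssm-prod-02": "9.0",
        "ssm-legacy": "7.0.1",
        "satellite-old": "6.3.0",
        "ssm-odd": "8-202209",
    }
    for host, verdict in zip(sample, triage(sample)):
        print(f"{host:14} {verdict.version:10} {verdict.status:13} {verdict.action}")
```

The check deliberately reports "unknown" rather than guessing for a release 8 build the advisory does not name, or for a version string it cannot parse; for those hosts the build should be read from the appliance itself before deciding on remediation.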


Cisco PSIRT says it is not aware of any exploitation of this vulnerability in the wild. It nevertheless recommends that customers upgrade to a fixed release.

Another critical vulnerability addressed in the same batch is CVE-2024-20401, with a CVSS score of 9.8: a flaw in Cisco Secure Email Gateway that allows an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system via a crafted email attachment.
