Exploit for #VU88805 OS Command Injection in Cisco Systems, Inc products

Cybersecurity Help s.r.o.

Published: 2024-04-19 | Updated: 2024-05-23

Vulnerability identifier: #VU88805

Vulnerability risk: Low

CVSSv4.0: 7.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2024-20356

CWE-ID: CWE-78

Exploitation vector: Network

Exploits in database: 2

May 23, 2024
- CVE_2024_20356 [Github]
April 19, 2024
- CVE-2024-20356 [Github]

Vulnerable software:
Cisco Integrated Management Controller
Server applications / Remote management servers, RDP, SSH
Enterprise NFV Infrastructure Software
Server applications / Virtualization software
Cisco 5000 Series Enterprise Network Compute System
Client/Desktop applications / Virtualization software
Catalyst 8300 Series Edge Universal CPE
Hardware solutions / Routers & switches, VoIP, GSM, etc
UCS C-Series M5 Rack Servers
Server applications / Other server solutions
UCS C-Series M6 Rack Servers
Server applications / Other server solutions
UCS C-Series M7 Rack Servers
Server applications / Other server solutions
UCS E-Series Servers
Other software / Other software solutions
UCS S-Series Servers in standalone mode
Other software / Other software solutions

Vendor: Cisco Systems, Inc