Incorrect authorization in Cisco IOS XE Software for Wireless Controllers

1) Incorrect authorization

EUVDB-ID: #VU97728

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-20510

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists due to a logic error in the Central Web Authentication (CWA) feature. A remote attacker on the local network can bypass configured ACL protections on the target device before the user authentication is completed and access trusted networks that the device might be protecting.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco IOS XE: 17.6.4 - 17.9.4

Catalyst 9800-CL Wireless Controllers for Cloud: All versions

Catalyst 9800 Embedded Wireless Controller: All versions

Catalyst 9800 Series Wireless Controllers: All versions

Embedded Wireless Controllers on Catalyst Access Points: All versions

CPE2.3

• cpe:2.3:o:cisco_systems:cisco_ios_xe:17.6.4:*:*:*:*:*:*:*
• cpe:2.3:o:cisco_systems:cisco_ios_xe:17.9.4:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:catalyst_9800-cl_wireless_controllers_for_cloud:*:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:catalyst_9800_embedded_wireless_controller:*:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:catalyst_9800_series_wireless_controllers:*:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:embedded_wireless_controllers_on_catalyst_access_points:*:*:*:*:*:*:*:*

External links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-cwa-acl-nPSbHSnA

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.