#VU87521 Improper access control in Cisco Systems, Inc products - CVE-2024-20322
Published: March 14, 2024
Vulnerability identifier: #VU87521
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-20322
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco IOS XR
IOS XR White box
Cisco NCS 4001
Cisco NCS 4009
Cisco NCS 4016
Cisco NCS 540-12Z20G-SYS-A Router
Cisco NCS 540-12Z20G-SYS-D Router
Cisco NCS 540-24Q8L2DD-SYS Router
Cisco NCS 540-24Z8Q2C-SYS Router
Cisco NCS 540-28Z4C-SYS-A Router
Cisco NCS 540-28Z4C-SYS-D Router
Cisco NCS 540-6Z14S-SYS-D Router
Cisco NCS 540-6Z18G-SYS-D Router
Cisco NCS 540-ACC-SYS Router
Cisco NCS 540-FH-AGG Router
Cisco NCS 540-FH-CSR-SYS Router
Cisco NCS 540X-12Z16G-SYS-A Router
Cisco NCS 540X-12Z16G-SYS-D Router
Cisco NCS 540X-16Z4G8Q2C-A Router
Cisco NCS 540X-16Z4G8Q2C-D Router
Cisco NCS 540X-16Z8Q2C-D Router
Cisco NCS 540X-4Z14G2Q-A Router
Cisco NCS 540X-4Z14G2Q-D Router
Cisco NCS 540X-6Z18G-SYS-A Router
Cisco NCS 540X-6Z18G-SYS-D Router
Cisco NCS 540X-8Z16G-SYS-A Router
Cisco NCS 540X-8Z16G-SYS-D Router
Cisco NCS 540X-ACC-SYS Router
Cisco NCS 560-4-SYS Router
Cisco NCS 560-4-SYS-E Router
Cisco NCS 560-4-SYS-E-CC Router
Cisco NCS 560-7-SYS Router
Cisco NCS 560-7-SYS-E Router
Cisco Network Convergence System 4000 Series
Cisco Network Convergence System 500 Series Routers
Cisco Network Convergence System 540 Router
Cisco Network Convergence System 540 Series Routers
Cisco Network Convergence System 5500 Series
Cisco Network Convergence System 5501
Cisco Network Convergence System 5501-SE
Cisco Network Convergence System 5502
Cisco Network Convergence System 5502-SE
Cisco Network Convergence System 5504
Cisco Network Convergence System 5508
Cisco Network Convergence System 5516
Cisco Network Convergence System 55A1-24H
Cisco Network Convergence System 55A1-24Q6H-S
Cisco Network Convergence System 55A1-24Q6H-SS
Cisco Network Convergence System 55A1-36H
Cisco Network Convergence System 55A1-36H-SE
Cisco Network Convergence System 55A1-48Q6H
Cisco Network Convergence System 55A2-MOD-HD-S
Cisco Network Convergence System 55A2-MOD-S
Cisco Network Convergence System 55A2-MOD-SE-S
Cisco Network Convergence System 560 Router
Cisco Network Convergence System 560 Series Routers
Cisco Network Convergence System 5700 Series
Cisco Network Convergence System 57B1-5DSE-SYS
Cisco Network Convergence System 57B1-6D24-SYS
Cisco Network Convergence System 57C3-MOD
Cisco Network Convergence System NCS-57C1-48Q6-SYS
Cisco Network Convergence System NCS-57D2-18DD-SYS
Cisco IOS XR
IOS XR White box
Cisco NCS 4001
Cisco NCS 4009
Cisco NCS 4016
Cisco NCS 540-12Z20G-SYS-A Router
Cisco NCS 540-12Z20G-SYS-D Router
Cisco NCS 540-24Q8L2DD-SYS Router
Cisco NCS 540-24Z8Q2C-SYS Router
Cisco NCS 540-28Z4C-SYS-A Router
Cisco NCS 540-28Z4C-SYS-D Router
Cisco NCS 540-6Z14S-SYS-D Router
Cisco NCS 540-6Z18G-SYS-D Router
Cisco NCS 540-ACC-SYS Router
Cisco NCS 540-FH-AGG Router
Cisco NCS 540-FH-CSR-SYS Router
Cisco NCS 540X-12Z16G-SYS-A Router
Cisco NCS 540X-12Z16G-SYS-D Router
Cisco NCS 540X-16Z4G8Q2C-A Router
Cisco NCS 540X-16Z4G8Q2C-D Router
Cisco NCS 540X-16Z8Q2C-D Router
Cisco NCS 540X-4Z14G2Q-A Router
Cisco NCS 540X-4Z14G2Q-D Router
Cisco NCS 540X-6Z18G-SYS-A Router
Cisco NCS 540X-6Z18G-SYS-D Router
Cisco NCS 540X-8Z16G-SYS-A Router
Cisco NCS 540X-8Z16G-SYS-D Router
Cisco NCS 540X-ACC-SYS Router
Cisco NCS 560-4-SYS Router
Cisco NCS 560-4-SYS-E Router
Cisco NCS 560-4-SYS-E-CC Router
Cisco NCS 560-7-SYS Router
Cisco NCS 560-7-SYS-E Router
Cisco Network Convergence System 4000 Series
Cisco Network Convergence System 500 Series Routers
Cisco Network Convergence System 540 Router
Cisco Network Convergence System 540 Series Routers
Cisco Network Convergence System 5500 Series
Cisco Network Convergence System 5501
Cisco Network Convergence System 5501-SE
Cisco Network Convergence System 5502
Cisco Network Convergence System 5502-SE
Cisco Network Convergence System 5504
Cisco Network Convergence System 5508
Cisco Network Convergence System 5516
Cisco Network Convergence System 55A1-24H
Cisco Network Convergence System 55A1-24Q6H-S
Cisco Network Convergence System 55A1-24Q6H-SS
Cisco Network Convergence System 55A1-36H
Cisco Network Convergence System 55A1-36H-SE
Cisco Network Convergence System 55A1-48Q6H
Cisco Network Convergence System 55A2-MOD-HD-S
Cisco Network Convergence System 55A2-MOD-S
Cisco Network Convergence System 55A2-MOD-SE-S
Cisco Network Convergence System 560 Router
Cisco Network Convergence System 560 Series Routers
Cisco Network Convergence System 5700 Series
Cisco Network Convergence System 57B1-5DSE-SYS
Cisco Network Convergence System 57B1-6D24-SYS
Cisco Network Convergence System 57C3-MOD
Cisco Network Convergence System NCS-57C1-48Q6-SYS
Cisco Network Convergence System NCS-57D2-18DD-SYS
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper assignment of lookup keys to internal interface contexts. A remote attacker can access resources behind the affected device that are supposed to be protected by a configured ACL.
Remediation
Install updates from vendor's website.