Cisco has recently released critical patches for a severe vulnerability affecting its Smart Software Manager On-Prem (SSM On-Prem) license servers and older installations, known as Cisco Smart Software Manager Satellite (SSM Satellite). This vulnerability, tracked as CVE-2024-20419, allows unauthenticated attackers to change any user’s password, including administrative accounts, by sending crafted HTTP requests.
The reported cause of this flaw is an improper implementation of the password-change process within the SSM On-Prem authentication system. Successful exploitation would enable attackers to access the web UI or API with the compromised user’s privileges without needing the original credentials. While Cisco has not observed any active abuse of this flaw, it is crucial that you act immediately to secure your systems.
Please note the following fixed release versions that must be applied:
- Versions 8-202206 and earlier: Fixed in 8-202212
- Version 9: Not vulnerable
No workarounds are available for this security flaw, so it is imperative that all affected systems are upgraded to the fixed releases as soon as possible.
Additionally, Cisco has addressed several other significant vulnerabilities recently:
- An NX-OS zero-day (CVE-2024-20399) can be exploited to install unknown malware on MDS and Nexus switches.
- Two zero-day vulnerabilities (CVE-2024-20353 and CVE-2024-20359) have reportedly been leveraged by the China-linked threat group Storm-1849 (UAT4356) in a campaign named ArcaneDoor, which has been targeting government networks worldwide since November 2023.
Cisco’s Product Security Incident Response Team (PSIRT) has yet to find public proof-of-concept exploits or active exploitation attempts for CVE-2024-20419. Nevertheless, it is critical that you apply these patches promptly to prevent any potential security breaches.
Patch your systems now to protect your network from unauthorized access.
Don’t let advanced threats compromise your data. CloudJacket offers comprehensive protection for your digital environment, to protect you against threats like these, by using:
- Advanced threat detection: Immediately identify suspicious activity and prevent attacks.
- Real-time response: Quickly isolate and contain breaches before they spread.
- Expert guidance: Get the insights you need to reduce your attack surface and maintain a strong security posture.
- 24/7 SOC monitoring: Extend your security team with 24/7 expert monitoring. Our team safeguards your data and resources around the clock, giving you the peace of mind and expertise you need.
Safeguard your organization. Learn more about CloudJacket at https://www.secnap.com/cloudjacket/. Contact us today for a free consultation 954-350-0712.