CVE-2024-20381

EUVD-2024-18096

11.09.2024, 17:15

A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device.&nbsp;

This vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cisco	CNA	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 82%

Affected Products (NVD)

Vendor	Product	Version
cisco	ios_xr	6.5.1
cisco	ios_xr	6.5.2
cisco	ios_xr	6.5.3
cisco	ios_xr	6.5.15
cisco	ios_xr	6.5.25
cisco	ios_xr	6.5.26
cisco	ios_xr	6.5.28
cisco	ios_xr	6.5.29
cisco	ios_xr	6.5.31
cisco	ios_xr	6.5.32
cisco	ios_xr	6.5.33
cisco	ios_xr	6.5.90
cisco	ios_xr	6.5.92
cisco	ios_xr	6.5.93
cisco	ios_xr	6.6.1
cisco	ios_xr	6.6.2
cisco	ios_xr	6.6.3
cisco	ios_xr	6.6.4
cisco	ios_xr	6.6.11
cisco	ios_xr	6.6.12
cisco	ios_xr	6.6.25
cisco	ios_xr	6.7.1
cisco	ios_xr	6.7.2
cisco	ios_xr	6.7.3
cisco	ios_xr	6.7.4
cisco	ios_xr	6.7.35
cisco	ios_xr	6.8.1
cisco	ios_xr	6.8.2
cisco	ios_xr	6.9.1
cisco	ios_xr	6.9.2
cisco	ios_xr	7.0.0
cisco	ios_xr	7.0.1
cisco	ios_xr	7.0.2
cisco	ios_xr	7.0.11
cisco	ios_xr	7.0.12
cisco	ios_xr	7.0.14
cisco	ios_xr	7.0.90
cisco	ios_xr	7.1.1
cisco	ios_xr	7.1.2
cisco	ios_xr	7.1.3
cisco	ios_xr	7.1.15
cisco	ios_xr	7.1.25
cisco	ios_xr	7.2.0
cisco	ios_xr	7.2.1
cisco	ios_xr	7.2.2
cisco	ios_xr	7.2.12
cisco	ios_xr	7.3.1
cisco	ios_xr	7.3.2
cisco	ios_xr	7.3.3
cisco	ios_xr	7.3.4
cisco	ios_xr	7.3.5
cisco	ios_xr	7.3.6
cisco	ios_xr	7.3.15
cisco	ios_xr	7.3.16
cisco	ios_xr	7.3.27
cisco	ios_xr	7.4.1
cisco	ios_xr	7.4.2
cisco	ios_xr	7.4.15
cisco	ios_xr	7.4.16
cisco	ios_xr	7.5.1
cisco	ios_xr	7.5.2
cisco	ios_xr	7.5.3
cisco	ios_xr	7.5.4
cisco	ios_xr	7.5.5
cisco	ios_xr	7.5.12
cisco	ios_xr	7.5.52
cisco	ios_xr	7.6.1
cisco	ios_xr	7.6.2
cisco	ios_xr	7.6.3
cisco	ios_xr	7.6.15
cisco	ios_xr	7.7.1
cisco	ios_xr	7.7.2
cisco	ios_xr	7.7.21
cisco	ios_xr	7.8.1
cisco	ios_xr	7.8.2
cisco	ios_xr	7.8.12
cisco	ios_xr	7.8.22
cisco	ios_xr	7.9.1
cisco	ios_xr	7.9.2
cisco	ios_xr	7.9.21
cisco	ios_xr	7.10.1
cisco	ios_xr	7.10.2
cisco	ios_xr	7.11.1
cisco	ios_xr	7.11.2
cisco	ios_xr	24.1.1
cisco	ios_xr	24.1.2
cisco	ios_xr	24.2.1
cisco	ios_xr	24.2.11
cisco	network_services_orchestrator	4.4.1
cisco	network_services_orchestrator	4.5.1
cisco	network_services_orchestrator	4.7.1
cisco	network_services_orchestrator	4.7.3
cisco	network_services_orchestrator	5.1.1.1
cisco	network_services_orchestrator	5.1.1.3
cisco	network_services_orchestrator	5.1.2
cisco	network_services_orchestrator	5.1.4.3
cisco	network_services_orchestrator	5.2.0.3
cisco	network_services_orchestrator	5.2.0.4
cisco	network_services_orchestrator	5.2.1
cisco	network_services_orchestrator	5.2.1.1
cisco	network_services_orchestrator	5.2.3.2
cisco	network_services_orchestrator	5.3.1
cisco	network_services_orchestrator	5.3.4.3
cisco	network_services_orchestrator	5.4
cisco	network_services_orchestrator	5.4.0.1
cisco	network_services_orchestrator	5.4.0.2
cisco	network_services_orchestrator	5.4.1
cisco	network_services_orchestrator	5.4.1.1
cisco	network_services_orchestrator	5.4.2
cisco	network_services_orchestrator	5.4.2.1
cisco	network_services_orchestrator	5.4.2.2
cisco	network_services_orchestrator	5.4.3
cisco	network_services_orchestrator	5.4.3.1
cisco	network_services_orchestrator	5.4.3.2
cisco	network_services_orchestrator	5.4.3.3
cisco	network_services_orchestrator	5.4.3.4
cisco	network_services_orchestrator	5.4.4
cisco	network_services_orchestrator	5.4.4.1
cisco	network_services_orchestrator	5.4.4.2
cisco	network_services_orchestrator	5.4.4.3
cisco	network_services_orchestrator	5.4.5
cisco	network_services_orchestrator	5.4.5.1
cisco	network_services_orchestrator	5.4.5.2
cisco	network_services_orchestrator	5.4.6
cisco	network_services_orchestrator	5.4.7
cisco	network_services_orchestrator	5.4.7.1
cisco	network_services_orchestrator	5.5
cisco	network_services_orchestrator	5.5.1
cisco	network_services_orchestrator	5.5.2
cisco	network_services_orchestrator	5.5.2.1
cisco	network_services_orchestrator	5.5.2.2
cisco	network_services_orchestrator	5.5.2.3
cisco	network_services_orchestrator	5.5.2.4
cisco	network_services_orchestrator	5.5.2.5
cisco	network_services_orchestrator	5.5.2.6
cisco	network_services_orchestrator	5.5.2.7
cisco	network_services_orchestrator	5.5.2.8
cisco	network_services_orchestrator	5.5.2.9
cisco	network_services_orchestrator	5.5.2.10
cisco	network_services_orchestrator	5.5.2.11
cisco	network_services_orchestrator	5.5.2.12
cisco	network_services_orchestrator	5.5.3
cisco	network_services_orchestrator	5.5.3.1
cisco	network_services_orchestrator	5.5.4
cisco	network_services_orchestrator	5.5.4.1
cisco	network_services_orchestrator	5.5.5
cisco	network_services_orchestrator	5.5.6
cisco	network_services_orchestrator	5.5.6.1
cisco	network_services_orchestrator	5.5.7
cisco	network_services_orchestrator	5.5.8
cisco	network_services_orchestrator	5.5.9
cisco	network_services_orchestrator	5.5.10
cisco	network_services_orchestrator	5.6
cisco	network_services_orchestrator	5.6.1
cisco	network_services_orchestrator	5.6.2
cisco	network_services_orchestrator	5.6.3
cisco	network_services_orchestrator	5.6.3.1
cisco	network_services_orchestrator	5.6.4
cisco	network_services_orchestrator	5.6.5
cisco	network_services_orchestrator	5.6.6
cisco	network_services_orchestrator	5.6.6.1
cisco	network_services_orchestrator	5.6.7
cisco	network_services_orchestrator	5.6.7.1
cisco	network_services_orchestrator	5.6.7.2
cisco	network_services_orchestrator	5.6.8
cisco	network_services_orchestrator	5.6.8.1
cisco	network_services_orchestrator	5.6.9
cisco	network_services_orchestrator	5.6.10
cisco	network_services_orchestrator	5.6.11
cisco	network_services_orchestrator	5.6.12
cisco	network_services_orchestrator	5.6.13
cisco	network_services_orchestrator	5.6.14
cisco	network_services_orchestrator	5.6.14.1
cisco	network_services_orchestrator	5.7
cisco	network_services_orchestrator	5.7.1
cisco	network_services_orchestrator	5.7.1.1
cisco	network_services_orchestrator	5.7.2
cisco	network_services_orchestrator	5.7.2.1
cisco	network_services_orchestrator	5.7.3
cisco	network_services_orchestrator	5.7.4
cisco	network_services_orchestrator	5.7.5
cisco	network_services_orchestrator	5.7.5.1
cisco	network_services_orchestrator	5.7.6
cisco	network_services_orchestrator	5.7.6.1
cisco	network_services_orchestrator	5.7.6.2
cisco	network_services_orchestrator	5.7.6.3
cisco	network_services_orchestrator	5.7.7
cisco	network_services_orchestrator	5.7.8
cisco	network_services_orchestrator	5.7.8.1
cisco	network_services_orchestrator	5.7.9
cisco	network_services_orchestrator	5.7.9.1
cisco	network_services_orchestrator	5.7.10
cisco	network_services_orchestrator	5.7.10.1
cisco	network_services_orchestrator	5.7.10.2
cisco	network_services_orchestrator	5.7.11
cisco	network_services_orchestrator	5.7.12
cisco	network_services_orchestrator	5.7.13
cisco	network_services_orchestrator	5.7.14
cisco	network_services_orchestrator	5.7.15
cisco	network_services_orchestrator	5.7.15.1
cisco	network_services_orchestrator	5.7.17
cisco	network_services_orchestrator	5.8
cisco	network_services_orchestrator	5.8.1
cisco	network_services_orchestrator	5.8.2
cisco	network_services_orchestrator	5.8.2.1
cisco	network_services_orchestrator	5.8.3
cisco	network_services_orchestrator	5.8.4
cisco	network_services_orchestrator	5.8.5
cisco	network_services_orchestrator	5.8.6
cisco	network_services_orchestrator	5.8.7
cisco	network_services_orchestrator	5.8.8
cisco	network_services_orchestrator	5.8.9
cisco	network_services_orchestrator	5.8.10
cisco	network_services_orchestrator	5.8.11
cisco	network_services_orchestrator	5.8.12
cisco	network_services_orchestrator	5.8.13
cisco	network_services_orchestrator	6.0
cisco	network_services_orchestrator	6.0.1
cisco	network_services_orchestrator	6.0.1.1
cisco	network_services_orchestrator	6.0.2
cisco	network_services_orchestrator	6.0.3
cisco	network_services_orchestrator	6.0.4
cisco	network_services_orchestrator	6.0.5
cisco	network_services_orchestrator	6.0.6
cisco	network_services_orchestrator	6.0.7
cisco	network_services_orchestrator	6.0.8
cisco	network_services_orchestrator	6.0.9
cisco	network_services_orchestrator	6.0.10
cisco	network_services_orchestrator	6.0.11
cisco	network_services_orchestrator	6.0.12
cisco	network_services_orchestrator	6.1
cisco	network_services_orchestrator	6.1.1
cisco	network_services_orchestrator	6.1.2
cisco	network_services_orchestrator	6.1.2.1
cisco	network_services_orchestrator	6.1.3
cisco	network_services_orchestrator	6.1.3.1
cisco	network_services_orchestrator	6.1.3.2
cisco	network_services_orchestrator	6.1.4
cisco	network_services_orchestrator	6.1.5
cisco	network_services_orchestrator	6.1.6
cisco	network_services_orchestrator	6.1.6.1
cisco	network_services_orchestrator	6.1.7
cisco	network_services_orchestrator	6.1.7.1
cisco	network_services_orchestrator	6.1.8
cisco	network_services_orchestrator	6.1.10
cisco	network_services_orchestrator	6.1.11
cisco	network_services_orchestrator	6.1.11.1
cisco	network_services_orchestrator	6.1.11.2
cisco	network_services_orchestrator	6.1.12
cisco	network_services_orchestrator	6.2
cisco	network_services_orchestrator	6.2.2
cisco	small_business_rv_series_router_firmware	1.0.00.29
cisco	small_business_rv_series_router_firmware	1.0.00.33
cisco	small_business_rv_series_router_firmware	1.0.01.16
cisco	small_business_rv_series_router_firmware	1.0.01.17
cisco	small_business_rv_series_router_firmware	1.0.01.18
cisco	small_business_rv_series_router_firmware	1.0.01.20
cisco	small_business_rv_series_router_firmware	1.0.02.16
cisco	small_business_rv_series_router_firmware	1.0.03.15
cisco	small_business_rv_series_router_firmware	1.0.03.16
cisco	small_business_rv_series_router_firmware	1.0.03.17
cisco	small_business_rv_series_router_firmware	1.0.03.18
cisco	small_business_rv_series_router_firmware	1.0.03.19
cisco	small_business_rv_series_router_firmware	1.0.03.20
cisco	small_business_rv_series_router_firmware	1.0.03.21
cisco	small_business_rv_series_router_firmware	1.0.03.22
cisco	small_business_rv_series_router_firmware	1.0.03.24
cisco	small_business_rv_series_router_firmware	1.0.03.26
cisco	small_business_rv_series_router_firmware	1.0.03.27
cisco	small_business_rv_series_router_firmware	1.0.03.28
cisco	small_business_rv_series_router_firmware	1.0.03.29

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-285 - Improper Authorization
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp