Overview
- Description
- A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or change the firmware on an affected device. This vulnerability is due to a lack of authentication on specific HTTP endpoints. An attacker could exploit this vulnerability by browsing to a specific URL. A successful exploit could allow the attacker to view or delete the configuration or change the firmware.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.2
- Impact score
- 4.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
CVE-2024-20458 A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to vie… https://t.co/7AwZI5wpSS
@CVEnew
307 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco ATA 190シリーズアナログ電話アダプタにおいて高深刻度の脆弱性。CVE-2024-20458は特定のHTTPエンドポイントでの認証の欠如に起因し、認証不要で遠隔から設定やファームウェアの変更が可能なもの。 https://t.co/RNI3SDAAZn
@__kokumoto
2837 Impressions
7 Retweets
7 Likes
1 Bookmark
0 Replies
1 Quote
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ata_191_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E464918E-6409-4ACC-B27A-ECD7A5A5ABF8",
"versionEndExcluding": "12.0.2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ata_191:-:*:*:*:on-premises:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2BBB1A29-ABF8-4F79-A436-A416FAF4E7A9"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ata_191_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FA479CC-10DC-4B3A-A869-7E0CCD02C959",
"versionEndExcluding": "11.2.5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ata_191:-:*:*:*:multiplatform:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B0C232BB-005C-4E04-9B99-2B01AC8E8BA1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ata_192_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B66D888-565A-4EB1-B19B-594B302AAA72",
"versionEndExcluding": "11.2.5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ata_192:-:*:*:*:multiplatform:*:*:*",
"vulnerable": false,
"matchCriteriaId": "00A3390F-594D-4DB2-96EC-04D0D73C9421"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]