Cisco NSO Vulnerability Allows Elevation of Privileges
CVE-2024-20366

7.8HIGH

Key Information:

Vendor: Cisco
Status: Cisco Network Services Orchestrator
Vendor: CVE Published:; 15 May 2024

What is CVE-2024-20366?

A vulnerability exists within the Tail-f High Availability Cluster Communications function pack of Cisco's Crosswork Network Services Orchestrator, which permits an authenticated local attacker to elevate privileges to root on the affected devices. This security flaw arises due to a user-controlled search path utilized for locating executable files. An attacker exploiting this vulnerability could manipulate the application configuration to trigger the execution of a malicious file. Successful exploitation enables the attacker to run arbitrary code on the affected device as a root user, requiring prior valid credentials. Thus, the impacted environment should be closely monitored and fortified against such attacks.

Affected Version(s)

Cisco Network Services Orchestrator 5.4

Cisco Network Services Orchestrator 5.5

Cisco Network Services Orchestrator 5.6

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2024
Vulnerability Reserved
Nov 8, 2023