Unauthenticated Local Attackers Can Cause Denial of Service on Cisco AppDynamics Network Visibility Agent
CVE-2024-20394

5.5MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Appdynamics
Vendor: CVE Published:; 15 May 2024

Summary

A vulnerability in Cisco AppDynamics Network Visibility Agent could allow an unauthenticated, local attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to the inability to handle unexpected input. An attacker who has local device access could exploit this vulnerability by sending an HTTP request to the targeted service. A successful exploit could allow the attacker to cause a DoS condition by stopping the Network Agent Service on the local device.

Affected Version(s)

Cisco AppDynamics

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 15, 2024
Vulnerability Reserved
Nov 8, 2023