Unauthenticated Local Attackers Can Cause Denial of Service on Cisco AppDynamics Network Visibility Agent

CVE-2024-20394

5.5MEDIUM

Key Information

Vendor: Cisco
Status: Cisco Appdynamics
Vendor: CVE Published:; 15 May 2024

Badges

👾 Exploit Exists

Summary

A vulnerability in Cisco AppDynamics Network Visibility Agent could allow an unauthenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the inability to handle unexpected input. An attacker who has local device access could exploit this vulnerability by sending an HTTP request to the targeted service. A successful exploit could allow the attacker to cause a DoS condition by stopping the Network Agent Service on the local device.

Affected Version(s)

Cisco AppDynamics =

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published.
May 15, 2024
Vulnerability Reserved.
Nov 8, 2023
👾
Exploit exists.
Jan 1, 1970

Collectors

NVD DatabaseMitre Database