Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-20326

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.

Published

2024-05-16T14:15:08.420

Last Modified

2025-07-25T14:39:47.173

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-78
Type: Secondary
CWE-77

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	confd_basic	7.1.7	Yes
Application	cisco	confd_basic	7.8.3	Yes
Application	cisco	confd_basic	8.0	Yes
Application	cisco	confd_basic	8.0.1	Yes
Application	cisco	confd_basic	8.0.2	Yes
Application	cisco	confd_basic	8.0.3	Yes
Application	cisco	confd_basic	8.0.4	Yes
Application	cisco	confd_basic	8.0.5	Yes
Application	cisco	confd_basic	8.0.6	Yes
Application	cisco	confd_basic	8.0.7	Yes
Application	cisco	confd_basic	8.0.8	Yes
Application	cisco	confd_basic	8.0.9	Yes
Application	cisco	confd_basic	8.0.10	Yes
Application	cisco	confd_basic	8.0.11	Yes
Application	cisco	confd_premium	7.3.5	Yes
Application	cisco	confd_premium	7.3.5.1	Yes
Application	cisco	confd_premium	7.3.5.2	Yes
Application	cisco	confd_premium	7.3.6	Yes
Application	cisco	confd_premium	7.4.5	Yes
Application	cisco	confd_premium	7.4.5.1	Yes
Application	cisco	confd_premium	7.4.5.2	Yes
Application	cisco	confd_premium	7.4.5.3	Yes
Application	cisco	confd_premium	7.4.6	Yes
Application	cisco	confd_premium	7.4.7	Yes
Application	cisco	confd_premium	7.4.8	Yes
Application	cisco	confd_premium	7.5.3	Yes
Application	cisco	confd_premium	7.5.3.1	Yes
Application	cisco	confd_premium	7.5.3.2	Yes
Application	cisco	confd_premium	7.5.4	Yes
Application	cisco	confd_premium	7.5.4.1	Yes
Application	cisco	confd_premium	7.5.4.2	Yes
Application	cisco	confd_premium	7.5.4.3	Yes
Application	cisco	confd_premium	7.5.5	Yes
Application	cisco	confd_premium	7.5.5.1	Yes
Application	cisco	confd_premium	7.5.6	Yes
Application	cisco	confd_premium	7.5.6.1	Yes
Application	cisco	confd_premium	7.5.6.2	Yes
Application	cisco	confd_premium	7.5.7	Yes
Application	cisco	confd_premium	7.5.8	Yes
Application	cisco	confd_premium	7.5.9	Yes
Application	cisco	confd_premium	7.5.10	Yes
Application	cisco	confd_premium	7.6	Yes
Application	cisco	confd_premium	7.6.1	Yes
Application	cisco	confd_premium	7.6.2	Yes
Application	cisco	confd_premium	7.6.3	Yes
Application	cisco	confd_premium	7.6.4	Yes
Application	cisco	confd_premium	7.6.5	Yes
Application	cisco	confd_premium	7.6.6	Yes
Application	cisco	confd_premium	7.6.7	Yes
Application	cisco	confd_premium	7.6.8	Yes
Application	cisco	confd_premium	7.6.8.1	Yes
Application	cisco	confd_premium	7.6.9	Yes
Application	cisco	confd_premium	7.6.10	Yes
Application	cisco	confd_premium	7.6.11	Yes
Application	cisco	confd_premium	7.6.12	Yes
Application	cisco	confd_premium	7.6.13	Yes
Application	cisco	confd_premium	7.6.14	Yes
Application	cisco	confd_premium	7.6.14.1	Yes
Application	cisco	confd_premium	7.7	Yes
Application	cisco	confd_premium	7.7.1	Yes
Application	cisco	confd_premium	7.7.2	Yes
Application	cisco	confd_premium	7.7.3	Yes
Application	cisco	confd_premium	7.7.4	Yes
Application	cisco	confd_premium	7.7.5	Yes
Application	cisco	confd_premium	7.7.5.1	Yes
Application	cisco	confd_premium	7.7.6	Yes
Application	cisco	confd_premium	7.7.7	Yes
Application	cisco	confd_premium	7.7.8	Yes
Application	cisco	confd_premium	7.7.9	Yes
Application	cisco	confd_premium	7.7.10	Yes
Application	cisco	confd_premium	7.7.11	Yes
Application	cisco	confd_premium	7.7.12	Yes
Application	cisco	confd_premium	7.7.13	Yes
Application	cisco	confd_premium	7.8	Yes
Application	cisco	confd_premium	7.8.1	Yes
Application	cisco	confd_premium	7.8.2	Yes
Application	cisco	confd_premium	7.8.3	Yes
Application	cisco	confd_premium	7.8.4	Yes
Application	cisco	confd_premium	7.8.5	Yes
Application	cisco	confd_premium	7.8.6	Yes
Application	cisco	confd_premium	7.8.7	Yes
Application	cisco	confd_premium	7.8.8	Yes
Application	cisco	confd_premium	7.8.9	Yes
Application	cisco	confd_premium	7.8.10	Yes
Application	cisco	confd_premium	7.8.11	Yes
Application	cisco	confd_premium	8.0	Yes
Application	cisco	confd_premium	8.0.1	Yes
Application	cisco	confd_premium	8.0.2	Yes
Application	cisco	confd_premium	8.0.3	Yes
Application	cisco	confd_premium	8.0.4	Yes
Application	cisco	confd_premium	8.0.5	Yes
Application	cisco	confd_premium	8.0.6	Yes
Application	cisco	confd_premium	8.0.7	Yes
Application	cisco	confd_premium	8.0.8	Yes
Application	cisco	confd_premium	8.1	Yes
Application	cisco	confd_premium	8.1.1	Yes
Application	cisco	confd_premium	8.1.2	Yes
Application	cisco	confd_premium	8.1.3	Yes
Application	cisco	confd_premium	8.1.4	Yes
Application	cisco	crosswork_network_services_orchestrator	< 5.4	Yes
Application	cisco	crosswork_network_services_orchestrator	< 5.5	Yes
Application	cisco	crosswork_network_services_orchestrator	< 5.5.10.1	Yes
Application	cisco	crosswork_network_services_orchestrator	< 5.6.14.3	Yes
Application	cisco	crosswork_network_services_orchestrator	< 5.7.15	Yes
Application	cisco	crosswork_network_services_orchestrator	< 5.8.13.1	Yes
Application	cisco	crosswork_network_services_orchestrator	≤ 6.0.12	Yes
Application	cisco	crosswork_network_services_orchestrator	≤ 6.1.7	Yes
Application	cisco	crosswork_network_services_orchestrator	< 6.2.2	Yes
Application	cisco	crosswork_network_services_orchestrator	5.1.7	Yes
Application	cisco	crosswork_network_services_orchestrator	6.0.11	Yes
Application	cisco	crosswork_network_services_orchestrator	6.2.1	Yes

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8 Vendor Advisory ([email protected])
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f Vendor Advisory ([email protected])
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)