CVE-2024-20439 - Vulnerability Details

A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to login to the affected system. A successful exploit could allow the attacker to login to the affected system with administrative rights over the CSLU application API.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation active

Automatable yes

Technical Impact total

Vendors	Products
Cisco	Cisco Smart License Utility Smart License Utility

Configuration 1 [-]

cpe:2.3:a:cisco:smart_license_utility:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw

History

Tue, 01 Apr 2025 22:15:00 +0000

Type	Values Removed	Values Added
Title	Cisco Smart Licensing Utility Static Credential Vulnerability

Tue, 01 Apr 2025 21:45:00 +0000

Type	Values Removed	Values Added
Description	A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application.	A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to login to the affected system. A successful exploit could allow the attacker to login to the affected system with administrative rights over the CSLU application API.

Mon, 31 Mar 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 13 Sep 2024 20:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco smart License Utility
Weaknesses		CWE-798
CPEs		cpe:2.3:a:cisco:smart_license_utility::::::::
Vendors & Products		Cisco smart License Utility

Wed, 04 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco cisco Smart License Utility
CPEs		cpe:2.3:a:cisco:cisco_smart_license_utility::::::::
Vendors & Products		Cisco Cisco cisco Smart License Utility
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 04 Sep 2024 16:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application.
Title		Cisco Smart Licensing Utility Static Credential Vulnerability
Weaknesses		CWE-912
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-09-04T16:28:39.669Z

Updated: 2025-04-01T21:36:38.960Z

Reserved: 2023-11-08T15:08:07.670Z

Link: CVE-2024-20439

Vulnrichment

Updated: 2024-09-04T17:45:35.659Z

NVD

Status : Modified

Published: 2024-09-04T17:15:13.210

Modified: 2025-04-01T22:15:20.950

Link: CVE-2024-20439

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20439", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.670Z", "datePublished": "2024-09-04T16:28:39.669Z", "dateUpdated": "2025-04-01T21:36:38.960Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2025-04-01T21:36:38.960Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential.\r\n\r This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to login to the affected system. A successful exploit could allow the attacker to login to the affected system with administrative rights over the CSLU application API."}], "affected": [{"vendor": "Cisco", "product": "Cisco Smart License Utility", "versions": [{"version": "2.1.0", "status": "affected"}, {"version": "2.0.0", "status": "affected"}, {"version": "2.2.0", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Hidden Functionality", "type": "cwe", "cweId": "CWE-912"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw", "name": "cisco-sa-cslu-7gHMzWmw"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}}], "exploits": [{"lang": "en", "value": "In March 2025, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."}], "source": {"advisory": "cisco-sa-cslu-7gHMzWmw", "discovery": "INTERNAL", "defects": ["CSCwi41731"]}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20439", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-31T18:12:06.667412Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "cisco_smart_license_utility", "versions": [{"status": "affected", "version": "2.1.0"}, {"status": "affected", "version": "2.0.0"}, {"status": "affected", "version": "2.2.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "cisco_smart_license_utility", "versions": [{"status": "affected", "version": "2.1.0"}, {"status": "affected", "version": "2.0.0"}, {"status": "affected", "version": "2.2.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "cisco_smart_license_utility", "versions": [{"status": "affected", "version": "2.1.0"}, {"status": "affected", "version": "2.0.0"}, {"status": "affected", "version": "2.2.0"}], "defaultStatus": "unknown"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T18:13:20.651Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20439", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-31T18:12:06.667412Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "cisco_smart_license_utility", "versions": [{"status": "affected", "version": "2.1.0"}, {"status": "affected", "version": "2.0.0"}, {"status": "affected", "version": "2.2.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "cisco_smart_license_utility", "versions": [{"status": "affected", "version": "2.1.0"}, {"status": "affected", "version": "2.0.0"}, {"status": "affected", "version": "2.2.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:cisco:cisco_smart_license_utility:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "cisco_smart_license_utility", "versions": [{"status": "affected", "version": "2.1.0"}, {"status": "affected", "version": "2.0.0"}, {"status": "affected", "version": "2.2.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T17:45:35.659Z"}}], "cna": {"source": {"defects": ["CSCwi41731"], "advisory": "cisco-sa-cslu-7gHMzWmw", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Smart License Utility", "versions": [{"status": "affected", "version": "2.1.0"}, {"status": "affected", "version": "2.0.0"}, {"status": "affected", "version": "2.2.0"}]}], "exploits": [{"lang": "en", "value": "In March 2025, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw", "name": "cisco-sa-cslu-7gHMzWmw"}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential.\r\n\r This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to login to the affected system. A successful exploit could allow the attacker to login to the affected system with administrative rights over the CSLU application API."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-912", "description": "Hidden Functionality"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2025-04-01T21:36:38.960Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20439", "state": "PUBLISHED", "dateUpdated": "2025-04-01T21:36:38.960Z", "dateReserved": "2023-11-08T15:08:07.670Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-09-04T16:28:39.669Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"cisaActionDue": "2025-04-21", "cisaExploitAdd": "2025-03-31", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Cisco Smart Licensing Utility Static Credential Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:smart_license_utility:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDFA4BEC-53FD-4A9C-9C78-4663F1B7528E", "versionEndExcluding": "2.3.0", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential.\r\n\r This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to login to the affected system. A successful exploit could allow the attacker to login to the affected system with administrative rights over the CSLU application API."}, {"lang": "es", "value": "Una vulnerabilidad en Cisco Smart Licensing Utility podr\u00eda permitir que un atacante remoto no autenticado inicie sesi\u00f3n en un sistema afectado mediante una credencial administrativa est\u00e1tica. Esta vulnerabilidad se debe a una credencial de usuario est\u00e1tica no documentada para una cuenta administrativa. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el uso de las credenciales est\u00e1ticas para iniciar sesi\u00f3n en el sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante inicie sesi\u00f3n en el sistema afectado con privilegios administrativos sobre la API de la aplicaci\u00f3n Cisco Smart Licensing Utility."}], "id": "CVE-2024-20439", "lastModified": "2025-04-01T22:15:20.950", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "psirt@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-09-04T17:15:13.210", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-912"}], "source": "psirt@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation active

Automatable yes

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object