Cisco ER Directory Traversal via Web UI
CVE-2024-20352 Published on April 3, 2024
A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a directory traversal attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected system. An attacker could exploit this vulnerability by sending crafted requests to the web UI. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user, such as accessing password or log files or uploading and deleting existing files from the system.
Vulnerability Analysis
CVE-2024-20352 is exploitable with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
Relative Path Traversal
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory.
Products Associated with CVE-2024-20352
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-20352 are published in Cisco Emergency Responder:
Affected Versions
Cisco Emergency Responder:- Version 10.5(1a) is affected.
- Version 10.5(1) is affected.
- Version 11.5(4)SU2 is affected.
- Version 11.5(4)SU4 is affected.
- Version 11.5(4)SU3 is affected.
- Version 11.5(1) is affected.
- Version 11.5(3) is affected.
- Version 11.5(2) is affected.
- Version 11.5(4a) is affected.
- Version 11.5(4) is affected.
- Version 11.5(2a) is affected.
- Version 11.5(4)SU10 is affected.
- Version 11.5(4)SU9 is affected.
- Version 11.5(4)SU11 is affected.
- Version 12.5(1) is affected.
- Version 12.5(1)SU2 is affected.
- Version 12.5(1)SU3 is affected.
- Version 12.5(1)SU1 is affected.
- Version 12.5(1a) is affected.
- Version 12.5(1)SU4 is affected.
- Version 12.5(1)SU5 is affected.
- Version 12.5(1)SU6 is affected.
- Version 12.5(1)SU7 is affected.
- Version 12.5(1)SU8 is affected.
- Version 12.5(1)SU8a is affected.
- Version 12.5(1)SU8b is affected.
- Version 12.0(1) SU2 is affected.
- Version 12.0(1) SU1 is affected.
- Version 12.0(1) is affected.
- Version 10.0.2 is affected.
- Version 10.0(1) is affected.
- Version 11.0(1) is affected.
- Version 14SU1 is affected.
- Version 14SU2 is affected.
- Version 14 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.