Cisco patches a maximum-severity vulnerability in SSM On-Prem.
Cisco has fixed a critical vulnerability in Cisco SSM On-Prem that allows an attacker to change the password of any user, including administrators. As a component of Cisco Smart Licensing, SSM On-Prem helps Cisco service providers and partners manage customer accounts and product licenses.
CVE-2024-20419 (CVSS score: 10.0) is caused by an improper implementation of the password-change process. An attacker can exploit the flaw by sending specially crafted HTTP requests to an affected device. A successful exploit allows the attacker to access the web user interface or API with the privileges of the compromised user.
The flaw affects Cisco SSM On-Prem versions 8-202206 and earlier and was fixed in version 8-202212. Version 9 is not affected. The vulnerability also affects on-premises SSM installations earlier than version 7.0, which were known as Cisco Smart Software Manager Satellite (SSM Satellite).
Cisco said that there are no workarounds that address this vulnerability, and that the company is not aware of any malicious exploitation.
Earlier, Cisco fixed an NX-OS zero-day vulnerability that was used to install previously unknown malware with root privileges on vulnerable Cisco Nexus switches. Cybersecurity company Sygnia was the first to report the zero-day to Cisco and linked the attacks to the Chinese state-backed hacking group Velvet Ant. The group's main goal is espionage, and it focuses on establishing long-term access to a victim's network.
Velvet Ant was first documented by Sygnia in May in connection with a cyberattack on an unnamed organization in East Asia that lasted about three years. The group used outdated F5 BIG-IP devices to covertly steal customer and financial information.