CVE-2024-20394

May 15, 2024, 6:35 p.m.

5.5
Medium

Description

A vulnerability in Cisco AppDynamics Network Visibility Agent could allow an unauthenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the inability to handle unexpected input. An attacker who has local device access could exploit this vulnerability by sending an HTTP request to the targeted service. A successful exploit could allow the attacker to cause a DoS condition by stopping the Network Agent Service on the local device.

Product(s) Impacted

Product Versions
Cisco AppDynamics Network Visibility Agent
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-netvisdos-9zNbsJtK

Tags

CWE-20
ykramarz@cisco.com
2024-05-15
CVE-2024-20394

CVSS Score

5.5 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH

    • CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

    View Vector String

Timeline

Published: May 15, 2024, 6:15 p.m.
Last Modified: May 15, 2024, 6:35 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

ykramarz@cisco.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.