Backdoor’s Secret
The strongest password error, identified as CVE 2024-20439, can be abused to achieve App Management Rights. Second error, CVE-2024-20440, can allow the attacker to find log files containing sensitive data such as API tests.
In two given the same 9.8 CVS score points, it is more throwing what is worse in the two. However, the risk can be clearly used in ways that increase their risk, which makes the most important adhesive. The affected versions of the CSLU is 2.0.0, 2.1.0, and 2.2.0; Version 2.3.0 is a paved version.
The CSLU is the latest product, so it may be expected to be better protected. That means, Cisco has a history of this type of feature, which has a solid testimony found threatened by the Cisco Firepower, Emermorm Responseer, and returning to the Digital Network Architecture (DNA) to stating the affected products.
As Ullrich of Sans wrote about harassing the new warning of the organization: “The first [CVE-2024-20439] He is one of the backgrounds in the equip its products. “
Source link