devxlogo

Critical vulnerability allows password change in Cisco SSM

Critical vulnerability allows password change in Cisco SSM

Why Trust Us
Vulnerability Allows

Cisco has disclosed a critical vulnerability that allows attackers to change any user’s password on vulnerable Cisco Smart Software Manager On-Prem (SSM On-Prem) license servers, including administrator passwords. The flaw, tracked as CVE-2024-20419, has been given the highest severity rating of 10. The vulnerability exists due to an improper implementation of the password-change process in the authentication system of SSM On-Prem.

By sending crafted HTTP requests to an affected device, an unauthenticated remote attacker could exploit this weakness to reset user passwords without needing to know the original credentials. A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user,” Cisco stated in their advisory. The flaw also impacts SSM On-Prem installations earlier than Release 7.0, known as Cisco Smart Software Manager Satellite (SSM Satellite).

There are currently no workarounds available to mitigate this security issue. Cisco advises all administrators to upgrade to a patched release to secure vulnerable servers within their environments.

Critical password flaw in Cisco SSM

Cisco’s Product Security Incident Response Team (PSIRT) has not found any evidence of public proof-of-concept exploits or active exploitation targeting this vulnerability so far. However, organizations using affected Cisco products are strongly urged to apply the necessary patches immediately to safeguard their systems. The Cisco Smart Software Manager On-Prem resides on customer premises and provides a centralized dashboard for managing licenses for Cisco equipment in use.

This product is commonly used by financial institutions, utilities, service providers, and government organizations who prefer on-premises license management over cloud-based solutions. While Cisco has not disclosed the precise number of potentially affected customers, a successful attack exploiting this vulnerability could have severe ramifications for these critical sectors. Security experts are closely monitoring the situation for any signs of active exploitation now that the flaw details are public.

This password-changing vulnerability is one of several security issues recently addressed by Cisco. Earlier this month, the company disclosed another critical flaw (CVE-2024-20401) in Cisco Secure Email Gateway that allows unauthenticated attackers to overwrite arbitrary files on the underlying operating system.

Disclosure
devxblackblue

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist

Noah Nguyen

Noah Nguyen is a multi-talented developer who brings a unique perspective to his craft. Initially a creative writing professor, he turned to Dev work for the ability to work remotely. He now lives in Seattle, spending time hiking and drinking craft beer with his fiancee.
View Author
Show More