CVE-2024-20497 - Vulnerability Details

Vendors	Products
Cisco	Expressway-e

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco expressway-e
CPEs		cpe:2.3:a:cisco:expressway-e::::::::
Vendors & Products		Cisco Cisco expressway-e

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Description		A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to masquerade as another user on an affected system. This vulnerability is due to inadequate authorization checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected system.
Title		Cisco Expressway Edge Improper Authorization Vulnerability
Weaknesses		CWE-285
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j
Metrics		cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20497", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.686Z", "datePublished": "2024-09-04T16:29:13.595Z", "dateUpdated": "2024-09-04T17:33:38.771Z"}, "containers": {"cna": {"title": "Cisco Expressway Edge Improper Authorization Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to masquerade as another user on an affected system.\r\n\r\nThis vulnerability is due to inadequate authorization checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected system."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j", "name": "cisco-sa-expressway-auth-kdFrcZ2j"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-expressway-auth-kdFrcZ2j", "discovery": "INTERNAL", "defects": ["CSCwa25058"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Authorization", "type": "cwe", "cweId": "CWE-285"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco TelePresence Video Communication Server (VCS) Expressway", "versions": [{"version": "X8.11.2", "status": "affected"}, {"version": "X8.6", "status": "affected"}, {"version": "X8.11.3", "status": "affected"}, {"version": "X8.2.2", "status": "affected"}, {"version": "X8.8.3", "status": "affected"}, {"version": "X8.11.0", "status": "affected"}, {"version": "X12.5.2", "status": "affected"}, {"version": "X8.1.1", "status": "affected"}, {"version": "X8.9", "status": "affected"}, {"version": "X12.5.1", "status": "affected"}, {"version": "X12.5.6", "status": "affected"}, {"version": "X8.7.3", "status": "affected"}, {"version": "X12.6.0", "status": "affected"}, {"version": "X8.11.1", "status": "affected"}, {"version": "X8.5", "status": "affected"}, {"version": "X8.9.1", "status": "affected"}, {"version": "X8.10.2", "status": "affected"}, {"version": "X8.8.2", "status": "affected"}, {"version": "X8.5.3", "status": "affected"}, {"version": "X8.1", "status": "affected"}, {"version": "X8.9.2", "status": "affected"}, {"version": "X8.11.4", "status": "affected"}, {"version": "X12.5.4", "status": "affected"}, {"version": "X8.8.1", "status": "affected"}, {"version": "X8.2.1", "status": "affected"}, {"version": "X8.5.1", "status": "affected"}, {"version": "X8.6.1", "status": "affected"}, {"version": "X8.1.2", "status": "affected"}, {"version": "X8.8", "status": "affected"}, {"version": "X8.10.0", "status": "affected"}, {"version": "X12.5.3", "status": "affected"}, {"version": "X8.10.1", "status": "affected"}, {"version": "X12.5.7", "status": "affected"}, {"version": "X8.10.3", "status": "affected"}, {"version": "X8.7.1", "status": "affected"}, {"version": "X8.2", "status": "affected"}, {"version": "X12.5.8", "status": "affected"}, {"version": "X8.7", "status": "affected"}, {"version": "X8.5.2", "status": "affected"}, {"version": "X12.5.9", "status": "affected"}, {"version": "X12.5.0", "status": "affected"}, {"version": "X8.10.4", "status": "affected"}, {"version": "X8.7.2", "status": "affected"}, {"version": "X12.5.5", "status": "affected"}, {"version": "X12.6.1", "status": "affected"}, {"version": "X12.6.2", "status": "affected"}, {"version": "X12.6.3", "status": "affected"}, {"version": "X12.6.4", "status": "affected"}, {"version": "X12.7.0", "status": "affected"}, {"version": "X12.7.1", "status": "affected"}, {"version": "X14.0.0", "status": "affected"}, {"version": "X14.0.1", "status": "affected"}, {"version": "X14.0.2", "status": "affected"}, {"version": "X14.0.3", "status": "affected"}, {"version": "X14.0.4", "status": "affected"}, {"version": "X14.0.5", "status": "affected"}, {"version": "X14.0.6", "status": "affected"}, {"version": "X14.0.7", "status": "affected"}, {"version": "X14.0.8", "status": "affected"}, {"version": "X14.2.0", "status": "affected"}, {"version": "X14.0.9", "status": "affected"}, {"version": "X14.2.1", "status": "affected"}, {"version": "X14.2.2", "status": "affected"}, {"version": "X14.0.11", "status": "affected"}, {"version": "X14.2.5", "status": "affected"}, {"version": "X14.0.10", "status": "affected"}, {"version": "X14.2.6", "status": "affected"}, {"version": "X14.2.7", "status": "affected"}, {"version": "X14.3.0", "status": "affected"}, {"version": "X14.3.1", "status": "affected"}, {"version": "X14.3.2", "status": "affected"}, {"version": "X14.3.3", "status": "affected"}, {"version": "X15.0.0", "status": "affected"}, {"version": "X14.3.4", "status": "affected"}, {"version": "X14.3.5", "status": "affected"}, {"version": "X15.0.1", "status": "affected"}, {"version": "X15.0.2", "status": "affected"}, {"version": "X15.0.3", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-09-04T16:29:13.595Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-04T17:33:31.143271Z", "id": "CVE-2024-20497", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T17:33:38.771Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2024-20497 (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

state : PUBLISHED (string)

assignerShortName : cisco (string)

dateReserved : 2023-11-08T15:08:07.686Z (string)

datePublished : 2024-09-04T16:29:13.595Z (string)

dateUpdated : 2024-09-04T17:33:38.771Z (string)

}

containers : { »

cna : { »

title : Cisco Expressway Edge Improper Authorization Vulnerability (string)

metrics : [ »

0 : { »

format : cvssV3_1 (string)

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N (string)

baseScore : 4.3 (number)

baseSeverity : MEDIUM (string)

attackVector : NETWORK (string)

attackComplexity : LOW (string)

privilegesRequired : LOW (string)

userInteraction : NONE (string)

scope : UNCHANGED (string)

confidentialityImpact : NONE (string)

integrityImpact : LOW (string)

availabilityImpact : NONE (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to masquerade as another user on an affected system. This vulnerability is due to inadequate authorization checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected system. (string)

}

]

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j (string)

name : cisco-sa-expressway-auth-kdFrcZ2j (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

source : { »

advisory : cisco-sa-expressway-auth-kdFrcZ2j (string)

discovery : INTERNAL (string)

defects : [ »

0 : CSCwa25058 (string)

]

}

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

description : Improper Authorization (string)

type : cwe (string)

cweId : CWE-285 (string)

}

]

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco TelePresence Video Communication Server (VCS) Expressway (string)

versions : [ »

0 : { »

version : X8.11.2 (string)

status : affected (string)

}

1 : { »

version : X8.6 (string)

status : affected (string)

}

2 : { »

version : X8.11.3 (string)

status : affected (string)

}

3 : { »

version : X8.2.2 (string)

status : affected (string)

}

4 : { »

version : X8.8.3 (string)

status : affected (string)

}

5 : { »

version : X8.11.0 (string)

status : affected (string)

}

6 : { »

version : X12.5.2 (string)

status : affected (string)

}

7 : { »

version : X8.1.1 (string)

status : affected (string)

}

8 : { »

version : X8.9 (string)

status : affected (string)

}

9 : { »

version : X12.5.1 (string)

status : affected (string)

}

10 : { »

version : X12.5.6 (string)

status : affected (string)

}

11 : { »

version : X8.7.3 (string)

status : affected (string)

}

12 : { »

version : X12.6.0 (string)

status : affected (string)

}

13 : { »

version : X8.11.1 (string)

status : affected (string)

}

14 : { »

version : X8.5 (string)

status : affected (string)

}

15 : { »

version : X8.9.1 (string)

status : affected (string)

}

16 : { »

version : X8.10.2 (string)

status : affected (string)

}

17 : { »

version : X8.8.2 (string)

status : affected (string)

}

18 : { »

version : X8.5.3 (string)

status : affected (string)

}

19 : { »

version : X8.1 (string)

status : affected (string)

}

20 : { »

version : X8.9.2 (string)

status : affected (string)

}

21 : { »

version : X8.11.4 (string)

status : affected (string)

}

22 : { »

version : X12.5.4 (string)

status : affected (string)

}

23 : { »

version : X8.8.1 (string)

status : affected (string)

}

24 : { »

version : X8.2.1 (string)

status : affected (string)

}

25 : { »

version : X8.5.1 (string)

status : affected (string)

}

26 : { »

version : X8.6.1 (string)

status : affected (string)

}

27 : { »

version : X8.1.2 (string)

status : affected (string)

}

28 : { »

version : X8.8 (string)

status : affected (string)

}

29 : { »

version : X8.10.0 (string)

status : affected (string)

}

30 : { »

version : X12.5.3 (string)

status : affected (string)

}

31 : { »

version : X8.10.1 (string)

status : affected (string)

}

32 : { »

version : X12.5.7 (string)

status : affected (string)

}

33 : { »

version : X8.10.3 (string)

status : affected (string)

}

34 : { »

version : X8.7.1 (string)

status : affected (string)

}

35 : { »

version : X8.2 (string)

status : affected (string)

}

36 : { »

version : X12.5.8 (string)

status : affected (string)

}

37 : { »

version : X8.7 (string)

status : affected (string)

}

38 : { »

version : X8.5.2 (string)

status : affected (string)

}

39 : { »

version : X12.5.9 (string)

status : affected (string)

}

40 : { »

version : X12.5.0 (string)

status : affected (string)

}

41 : { »

version : X8.10.4 (string)

status : affected (string)

}

42 : { »

version : X8.7.2 (string)

status : affected (string)

}

43 : { »

version : X12.5.5 (string)

status : affected (string)

}

44 : { »

version : X12.6.1 (string)

status : affected (string)

}

45 : { »

version : X12.6.2 (string)

status : affected (string)

}

46 : { »

version : X12.6.3 (string)

status : affected (string)

}

47 : { »

version : X12.6.4 (string)

status : affected (string)

}

48 : { »

version : X12.7.0 (string)

status : affected (string)

}

49 : { »

version : X12.7.1 (string)

status : affected (string)

}

50 : { »

version : X14.0.0 (string)

status : affected (string)

}

51 : { »

version : X14.0.1 (string)

status : affected (string)

}

52 : { »

version : X14.0.2 (string)

status : affected (string)

}

53 : { »

version : X14.0.3 (string)

status : affected (string)

}

54 : { »

version : X14.0.4 (string)

status : affected (string)

}

55 : { »

version : X14.0.5 (string)

status : affected (string)

}

56 : { »

version : X14.0.6 (string)

status : affected (string)

}

57 : { »

version : X14.0.7 (string)

status : affected (string)

}

58 : { »

version : X14.0.8 (string)

status : affected (string)

}

59 : { »

version : X14.2.0 (string)

status : affected (string)

}

60 : { »

version : X14.0.9 (string)

status : affected (string)

}

61 : { »

version : X14.2.1 (string)

status : affected (string)

}

62 : { »

version : X14.2.2 (string)

status : affected (string)

}

63 : { »

version : X14.0.11 (string)

status : affected (string)

}

64 : { »

version : X14.2.5 (string)

status : affected (string)

}

65 : { »

version : X14.0.10 (string)

status : affected (string)

}

66 : { »

version : X14.2.6 (string)

status : affected (string)

}

67 : { »

version : X14.2.7 (string)

status : affected (string)

}

68 : { »

version : X14.3.0 (string)

status : affected (string)

}

69 : { »

version : X14.3.1 (string)

status : affected (string)

}

70 : { »

version : X14.3.2 (string)

status : affected (string)

}

71 : { »

version : X14.3.3 (string)

status : affected (string)

}

72 : { »

version : X15.0.0 (string)

status : affected (string)

}

73 : { »

version : X14.3.4 (string)

status : affected (string)

}

74 : { »

version : X14.3.5 (string)

status : affected (string)

}

75 : { »

version : X15.0.1 (string)

status : affected (string)

}

76 : { »

version : X15.0.2 (string)

status : affected (string)

}

77 : { »

version : X15.0.3 (string)

status : affected (string)

}

]

defaultStatus : unknown (string)

}

]

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2024-09-04T16:29:13.595Z (string)

}

adp : [ »

0 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-09-04T17:33:31.143271Z (string)

id : CVE-2024-20497 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-09-04T17:33:38.771Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20497", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-04T17:33:31.143271Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T17:33:35.632Z"}}], "cna": {"title": "Cisco Expressway Edge Improper Authorization Vulnerability", "source": {"defects": ["CSCwa25058"], "advisory": "cisco-sa-expressway-auth-kdFrcZ2j", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco TelePresence Video Communication Server (VCS) Expressway", "versions": [{"status": "affected", "version": "X8.11.2"}, {"status": "affected", "version": "X8.6"}, {"status": "affected", "version": "X8.11.3"}, {"status": "affected", "version": "X8.2.2"}, {"status": "affected", "version": "X8.8.3"}, {"status": "affected", "version": "X8.11.0"}, {"status": "affected", "version": "X12.5.2"}, {"status": "affected", "version": "X8.1.1"}, {"status": "affected", "version": "X8.9"}, {"status": "affected", "version": "X12.5.1"}, {"status": "affected", "version": "X12.5.6"}, {"status": "affected", "version": "X8.7.3"}, {"status": "affected", "version": "X12.6.0"}, {"status": "affected", "version": "X8.11.1"}, {"status": "affected", "version": "X8.5"}, {"status": "affected", "version": "X8.9.1"}, {"status": "affected", "version": "X8.10.2"}, {"status": "affected", "version": "X8.8.2"}, {"status": "affected", "version": "X8.5.3"}, {"status": "affected", "version": "X8.1"}, {"status": "affected", "version": "X8.9.2"}, {"status": "affected", "version": "X8.11.4"}, {"status": "affected", "version": "X12.5.4"}, {"status": "affected", "version": "X8.8.1"}, {"status": "affected", "version": "X8.2.1"}, {"status": "affected", "version": "X8.5.1"}, {"status": "affected", "version": "X8.6.1"}, {"status": "affected", "version": "X8.1.2"}, {"status": "affected", "version": "X8.8"}, {"status": "affected", "version": "X8.10.0"}, {"status": "affected", "version": "X12.5.3"}, {"status": "affected", "version": "X8.10.1"}, {"status": "affected", "version": "X12.5.7"}, {"status": "affected", "version": "X8.10.3"}, {"status": "affected", "version": "X8.7.1"}, {"status": "affected", "version": "X8.2"}, {"status": "affected", "version": "X12.5.8"}, {"status": "affected", "version": "X8.7"}, {"status": "affected", "version": "X8.5.2"}, {"status": "affected", "version": "X12.5.9"}, {"status": "affected", "version": "X12.5.0"}, {"status": "affected", "version": "X8.10.4"}, {"status": "affected", "version": "X8.7.2"}, {"status": "affected", "version": "X12.5.5"}, {"status": "affected", "version": "X12.6.1"}, {"status": "affected", "version": "X12.6.2"}, {"status": "affected", "version": "X12.6.3"}, {"status": "affected", "version": "X12.6.4"}, {"status": "affected", "version": "X12.7.0"}, {"status": "affected", "version": "X12.7.1"}, {"status": "affected", "version": "X14.0.0"}, {"status": "affected", "version": "X14.0.1"}, {"status": "affected", "version": "X14.0.2"}, {"status": "affected", "version": "X14.0.3"}, {"status": "affected", "version": "X14.0.4"}, {"status": "affected", "version": "X14.0.5"}, {"status": "affected", "version": "X14.0.6"}, {"status": "affected", "version": "X14.0.7"}, {"status": "affected", "version": "X14.0.8"}, {"status": "affected", "version": "X14.2.0"}, {"status": "affected", "version": "X14.0.9"}, {"status": "affected", "version": "X14.2.1"}, {"status": "affected", "version": "X14.2.2"}, {"status": "affected", "version": "X14.0.11"}, {"status": "affected", "version": "X14.2.5"}, {"status": "affected", "version": "X14.0.10"}, {"status": "affected", "version": "X14.2.6"}, {"status": "affected", "version": "X14.2.7"}, {"status": "affected", "version": "X14.3.0"}, {"status": "affected", "version": "X14.3.1"}, {"status": "affected", "version": "X14.3.2"}, {"status": "affected", "version": "X14.3.3"}, {"status": "affected", "version": "X15.0.0"}, {"status": "affected", "version": "X14.3.4"}, {"status": "affected", "version": "X14.3.5"}, {"status": "affected", "version": "X15.0.1"}, {"status": "affected", "version": "X15.0.2"}, {"status": "affected", "version": "X15.0.3"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j", "name": "cisco-sa-expressway-auth-kdFrcZ2j"}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to masquerade as another user on an affected system.\r\n\r\nThis vulnerability is due to inadequate authorization checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected system."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-285", "description": "Improper Authorization"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-09-04T16:29:13.595Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20497", "state": "PUBLISHED", "dateUpdated": "2024-09-04T17:33:38.771Z", "dateReserved": "2023-11-08T15:08:07.686Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-09-04T16:29:13.595Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-20497 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-09-04T17:33:31.143271Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-09-04T17:33:35.632Z (string)

}

]

cna : { »

title : Cisco Expressway Edge Improper Authorization Vulnerability (string)

source : { »

defects : [ »

0 : CSCwa25058 (string)

]

advisory : cisco-sa-expressway-auth-kdFrcZ2j (string)

discovery : INTERNAL (string)

}

metrics : [ »

0 : { »

format : cvssV3_1 (string)

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 4.3 (number)

attackVector : NETWORK (string)

baseSeverity : MEDIUM (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N (string)

integrityImpact : LOW (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : NONE (string)

privilegesRequired : LOW (string)

confidentialityImpact : NONE (string)

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco TelePresence Video Communication Server (VCS) Expressway (string)

versions : [ »

0 : { »

status : affected (string)

version : X8.11.2 (string)

}

1 : { »

status : affected (string)

version : X8.6 (string)

}

2 : { »

status : affected (string)

version : X8.11.3 (string)

}

3 : { »

status : affected (string)

version : X8.2.2 (string)

}

4 : { »

status : affected (string)

version : X8.8.3 (string)

}

5 : { »

status : affected (string)

version : X8.11.0 (string)

}

6 : { »

status : affected (string)

version : X12.5.2 (string)

}

7 : { »

status : affected (string)

version : X8.1.1 (string)

}

8 : { »

status : affected (string)

version : X8.9 (string)

}

9 : { »

status : affected (string)

version : X12.5.1 (string)

}

10 : { »

status : affected (string)

version : X12.5.6 (string)

}

11 : { »

status : affected (string)

version : X8.7.3 (string)

}

12 : { »

status : affected (string)

version : X12.6.0 (string)

}

13 : { »

status : affected (string)

version : X8.11.1 (string)

}

14 : { »

status : affected (string)

version : X8.5 (string)

}

15 : { »

status : affected (string)

version : X8.9.1 (string)

}

16 : { »

status : affected (string)

version : X8.10.2 (string)

}

17 : { »

status : affected (string)

version : X8.8.2 (string)

}

18 : { »

status : affected (string)

version : X8.5.3 (string)

}

19 : { »

status : affected (string)

version : X8.1 (string)

}

20 : { »

status : affected (string)

version : X8.9.2 (string)

}

21 : { »

status : affected (string)

version : X8.11.4 (string)

}

22 : { »

status : affected (string)

version : X12.5.4 (string)

}

23 : { »

status : affected (string)

version : X8.8.1 (string)

}

24 : { »

status : affected (string)

version : X8.2.1 (string)

}

25 : { »

status : affected (string)

version : X8.5.1 (string)

}

26 : { »

status : affected (string)

version : X8.6.1 (string)

}

27 : { »

status : affected (string)

version : X8.1.2 (string)

}

28 : { »

status : affected (string)

version : X8.8 (string)

}

29 : { »

status : affected (string)

version : X8.10.0 (string)

}

30 : { »

status : affected (string)

version : X12.5.3 (string)

}

31 : { »

status : affected (string)

version : X8.10.1 (string)

}

32 : { »

status : affected (string)

version : X12.5.7 (string)

}

33 : { »

status : affected (string)

version : X8.10.3 (string)

}

34 : { »

status : affected (string)

version : X8.7.1 (string)

}

35 : { »

status : affected (string)

version : X8.2 (string)

}

36 : { »

status : affected (string)

version : X12.5.8 (string)

}

37 : { »

status : affected (string)

version : X8.7 (string)

}

38 : { »

status : affected (string)

version : X8.5.2 (string)

}

39 : { »

status : affected (string)

version : X12.5.9 (string)

}

40 : { »

status : affected (string)

version : X12.5.0 (string)

}

41 : { »

status : affected (string)

version : X8.10.4 (string)

}

42 : { »

status : affected (string)

version : X8.7.2 (string)

}

43 : { »

status : affected (string)

version : X12.5.5 (string)

}

44 : { »

status : affected (string)

version : X12.6.1 (string)

}

45 : { »

status : affected (string)

version : X12.6.2 (string)

}

46 : { »

status : affected (string)

version : X12.6.3 (string)

}

47 : { »

status : affected (string)

version : X12.6.4 (string)

}

48 : { »

status : affected (string)

version : X12.7.0 (string)

}

49 : { »

status : affected (string)

version : X12.7.1 (string)

}

50 : { »

status : affected (string)

version : X14.0.0 (string)

}

51 : { »

status : affected (string)

version : X14.0.1 (string)

}

52 : { »

status : affected (string)

version : X14.0.2 (string)

}

53 : { »

status : affected (string)

version : X14.0.3 (string)

}

54 : { »

status : affected (string)

version : X14.0.4 (string)

}

55 : { »

status : affected (string)

version : X14.0.5 (string)

}

56 : { »

status : affected (string)

version : X14.0.6 (string)

}

57 : { »

status : affected (string)

version : X14.0.7 (string)

}

58 : { »

status : affected (string)

version : X14.0.8 (string)

}

59 : { »

status : affected (string)

version : X14.2.0 (string)

}

60 : { »

status : affected (string)

version : X14.0.9 (string)

}

61 : { »

status : affected (string)

version : X14.2.1 (string)

}

62 : { »

status : affected (string)

version : X14.2.2 (string)

}

63 : { »

status : affected (string)

version : X14.0.11 (string)

}

64 : { »

status : affected (string)

version : X14.2.5 (string)

}

65 : { »

status : affected (string)

version : X14.0.10 (string)

}

66 : { »

status : affected (string)

version : X14.2.6 (string)

}

67 : { »

status : affected (string)

version : X14.2.7 (string)

}

68 : { »

status : affected (string)

version : X14.3.0 (string)

}

69 : { »

status : affected (string)

version : X14.3.1 (string)

}

70 : { »

status : affected (string)

version : X14.3.2 (string)

}

71 : { »

status : affected (string)

version : X14.3.3 (string)

}

72 : { »

status : affected (string)

version : X15.0.0 (string)

}

73 : { »

status : affected (string)

version : X14.3.4 (string)

}

74 : { »

status : affected (string)

version : X14.3.5 (string)

}

75 : { »

status : affected (string)

version : X15.0.1 (string)

}

76 : { »

status : affected (string)

version : X15.0.2 (string)

}

77 : { »

status : affected (string)

version : X15.0.3 (string)

}

]

defaultStatus : unknown (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j (string)

name : cisco-sa-expressway-auth-kdFrcZ2j (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to masquerade as another user on an affected system. This vulnerability is due to inadequate authorization checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected system. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : cwe (string)

cweId : CWE-285 (string)

description : Improper Authorization (string)

}

]

}

]

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2024-09-04T16:29:13.595Z (string)

}

cveMetadata : { »

cveId : CVE-2024-20497 (string)

state : PUBLISHED (string)

dateUpdated : 2024-09-04T17:33:38.771Z (string)

dateReserved : 2023-11-08T15:08:07.686Z (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

datePublished : 2024-09-04T16:29:13.595Z (string)

assignerShortName : cisco (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:expressway-e:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BE42697-EF64-49D2-AD83-0614C1A9A42E", "versionEndExcluding": "15.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to masquerade as another user on an affected system.\r\n\r\nThis vulnerability is due to inadequate authorization checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected system."}, {"lang": "es", "value": "Una vulnerabilidad en Cisco Expressway Edge (Expressway-E) podr\u00eda permitir que un atacante remoto autenticado se haga pasar por otro usuario en un sistema afectado. Esta vulnerabilidad se debe a comprobaciones de autorizaci\u00f3n inadecuadas para los usuarios de acceso remoto y m\u00f3vil (MRA). Un atacante podr\u00eda aprovechar esta vulnerabilidad ejecutando una serie de comandos manipulados espec\u00edficamente para ello. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante interceptar llamadas destinadas a un n\u00famero de tel\u00e9fono en particular o hacer llamadas telef\u00f3nicas y que ese n\u00famero de tel\u00e9fono aparezca en el identificador de llamadas. Para aprovechar esta vulnerabilidad con \u00e9xito, el atacante debe ser un usuario de MRA en un sistema afectado."}], "id": "CVE-2024-20497", "lastModified": "2025-08-12T23:51:41.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "psirt@cisco.com", "type": "Secondary"}]}, "published": "2024-09-04T17:15:13.970", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "psirt@cisco.com", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:expressway-e:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0BE42697-EF64-49D2-AD83-0614C1A9A42E (string)

versionEndExcluding : 15.2 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to masquerade as another user on an affected system. This vulnerability is due to inadequate authorization checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected system. (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad en Cisco Expressway Edge (Expressway-E) podría permitir que un atacante remoto autenticado se haga pasar por otro usuario en un sistema afectado. Esta vulnerabilidad se debe a comprobaciones de autorización inadecuadas para los usuarios de acceso remoto y móvil (MRA). Un atacante podría aprovechar esta vulnerabilidad ejecutando una serie de comandos manipulados específicamente para ello. Una explotación exitosa podría permitir al atacante interceptar llamadas destinadas a un número de teléfono en particular o hacer llamadas telefónicas y que ese número de teléfono aparezca en el identificador de llamadas. Para aprovechar esta vulnerabilidad con éxito, el atacante debe ser un usuario de MRA en un sistema afectado. (string)

}

]

id : CVE-2024-20497 (string)

lastModified : 2025-08-12T23:51:41.220 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : LOW (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 1.4 (number)

source : psirt@cisco.com (string)

type : Secondary (string)

}

]

}

published : 2024-09-04T17:15:13.970 (string)

references : [ »

0 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j (string)

}

]

sourceIdentifier : psirt@cisco.com (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-285 (string)

}

]

source : psirt@cisco.com (string)

type : Secondary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object