1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Cisco Smart Licensing Utility Static Credential Vulnerability

Known Exploited Vulnerabilities CVE-2024-20439

Cisco Smart Licensing Utility contains a static credential vulnerability that allows an unauthenticated, remote attacker to log in to an affected system and gain administrative credentials.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2024-20439 Cisco Smart Licensing Utility Static Credential Vulnerability exploitation_technique T1552 Unsecured Credentials
Comments
Due to static credentials found in Cisco Smart Licensing Utility, a remote, unauthenticated attacker can gain administrative access through the API.
References
  1. https://arcticwolf.com/resources/blog/cve-2024-20439-cve-2024-20440-critical-cisco-smart-licensing-utility-vulnerabilities/
CVE-2024-20439 Cisco Smart Licensing Utility Static Credential Vulnerability primary_impact T1106 Native API
Comments
Due to static credentials found in Cisco Smart Licensing Utility, a remote, unauthenticated attacker can gain administrative access through the API.
References
  1. https://arcticwolf.com/resources/blog/cve-2024-20439-cve-2024-20440-critical-cisco-smart-licensing-utility-vulnerabilities/