Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2024-20277
HistoryJan 17, 2024 - 5:15 p.m.

Command injection

2024-01-1717:15:00
PRIOn knowledge base
www.prio-n.com
2
cisco thousandeyes
command injection
vulnerability
remote attackers
privilege escalation

8.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.6%

JSON

A vulnerability in the web-based management interface of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands and elevate privileges to root.

CPENameOperatorVersion
thousandeyes_enterprise_agentlt0.233.2

Related

cvelist 1
cisco 1
cve 1
nvd 1
cvelist
cvelist
CVE-2024-20277
2024-01-17 16:58:21
cisco
cisco
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability
2024-01-10 16:00:00
cve
cve
CVE-2024-20277
2024-01-17 17:15:12
nvd
nvd
CVE-2024-20277
2024-01-17 17:15:12

8.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.6%

JSON
Related for PRION:CVE-2024-20277
cvelist1cisco1cve1nvd1