CVE-2024-20280

Cisco UCS Central Software Configuration Backup Static Key Vulnerability

Description

A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with access to a backup file to learn sensitive information that is stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method that is used for the backup function. An attacker could exploit this vulnerability by accessing a backup file and leveraging a static key that is used for the backup configuration feature. A successful exploit could allow an attacker with access to a backup file to learn sensitive information that is stored in full state backup files and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and the device SSL server certificate and key.

References

Link	Tags
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsc-bkpsky-TgJ5f73J	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2024-20280?: CVE-2024-20280 has been scored as a medium severity vulnerability.
How to fix CVE-2024-20280?: To fix CVE-2024-20280, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-20280 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-20280 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-20280?: CVE-2024-20280 affects Cisco Cisco Unified Computing System Central Software.

Description

Categories

CWE-321 – Use of Hard-coded Cryptographic Key

CWE-798 – Use of Hard-coded Credentials

References

Frequently Asked Questions