Exploit released for Cisco SSM bug allowing admin password changes

August 8, 2024 at 03:02PM Exploit code is now available for a critical vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) that allows attackers to change any user password. Cisco warns that proof-of-concept exploit code is available but has not found evidence of attacks in the wild. Administrators must upgrade affected systems …

High-Severity Cisco Bug Grants Attackers Password Access

July 18, 2024 at 03:30PM Cisco has issued a patch for a critical vulnerability, CVE-2024-20419, that enables unauthorized password changes. The CVSS rating of 10 underlines the severity, with low attack complexity and high product impact. SSM On-Prem and SSM Satellite are affected, and no workarounds exist. Users in sensitive sectors are urged to promptly apply …

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager

July 18, 2024 at 02:19AM Cisco released patches for a critical security flaw in Smart Software Manager On-Prem (Cisco SSM On-Prem) that allows remote attackers to change user passwords. The flaw, tracked as CVE-2024-20419, carries a CVSS score of 10.0. CISA also added three vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies to apply …

Cisco SSM On-Prem bug lets hackers change any user’s password

July 17, 2024 at 01:34PM Cisco has fixed a critical vulnerability in its Smart Software Manager On-Prem that allows potential attackers to change user passwords without authentication. The flaw affects earlier releases and can be exploited remotely. Administrators are advised to upgrade to the fixed release, as there are no workarounds available. …