cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-20389,https://securityvulnerability.io/vulnerability/CVE-2024-20389,Arbitrary File Read and Write Vulnerability in Cisco ConfD and Crosswork Network Services Orchestrator CLI,"A vulnerability exists in the ConfD CLI and Cisco Crosswork Network Services Orchestrator CLI, allowing a local, authenticated attacker with low privileges to manipulate arbitrary files on the operating system. This issue arises from improper authorization enforcement when certain command-line interface (CLI) commands are executed. By utilizing crafted command arguments, an attacker can exploit this vulnerability to read or write files with root user privileges, potentially leading to unauthorized access or system compromise.",Cisco,"Cisco Confd,Cisco Confd Basic,Cisco Network Services Orchestrator",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-16T14:08:21.745Z,0
CVE-2024-20326,https://securityvulnerability.io/vulnerability/CVE-2024-20326,Arbitrary File Read and Write Vulnerability in Cisco ConfD and Crosswork Network Services Orchestrator CLI,"A vulnerability exists in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI, enabling an authenticated, low-privileged local attacker to gain unauthorized access to critical files on the underlying operating system. The issue arises from improper authorization enforcement associated with certain CLI commands, allowing for crafted command arguments to circumvent security measures. Consequently, this could lead to unauthorized reading or writing of arbitrary files with root user privileges, posing significant risks to system integrity and confidentiality.",Cisco,"Cisco Confd,Cisco Confd Basic,Cisco Network Services Orchestrator",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-16T14:08:18.634Z,0