CVE-2023-20038

Name of the Vulnerable Software and Affected Versions Cisco Industrial Network Director (affected versions not specified)

Description A vulnerability in the monitoring application could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This issue is due to a static key value stored in the application used to encrypt application data and remote credentials. An attacker could exploit this by gaining local access to the server, potentially allowing them to decrypt data and access remote systems monitored by the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.