CVE-2024-20333

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center (affected versions not specified)

Description A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an authenticated, remote attacker to change specific data within the interface on an affected device. This issue is due to insufficient authorization enforcement, allowing an attacker to exploit it by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to change a specific field within the web-based management interface, even though they should not have access to change that field.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.