CVE-2024-20440

Name of the Vulnerable Software and Affected Versions Cisco Smart License Utility (affected versions not specified)

Description The issue is related to the disclosure of information through registration files. It is due to excessive verbosity in a debug log file, which could allow an unauthenticated, remote attacker to access sensitive information by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain log files that contain sensitive data, including credentials that can be used to access the API.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.