![vulnerability-in-cisco-smart-software-manager-lets-attackers-change-any-user-password-[ars-technica]](https://upmytech.com/wp-content/uploads/2024/07/195993-vulnerability-in-cisco-smart-software-manager-lets-attackers-change-any-user-password-ars-66986a07e45ba)
Vulnerability in Cisco Smart Software Manager lets attackers change any user password [Ars Technica]
Cisco on Wednesday disclosed a maximum-security vulnerability that allows remote threat actors with no authentication to change the password of any user, including those of administrators with accounts, on Cisco Smart Software Manager On-Prem devices.
The Cisco Smart Software Manager On-Prem resides inside the customer premises and provides a dashboard for managing licenses for all Cisco gear in use. It’s used by customers who can’t or don’t want to manage licenses in the cloud, as is more common.
In a bulletin, Cisco warns that the product contains a vulnerability that allows hackers to change any account’s password. The severity of the vulnerability, tracked as CVE-2024-20419, is rated 10, the maximum score.
Read 4 remaining paragraphs | Comments