Cisco Security Advisory - Cisco AppDynamics Controller Authorization Bypass Vulnerability

Started by Netwörkheäd, August 14, 2022, 12:21:28 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Netwörkheäd

August 14, 2022, 12:21:28 AM
Cisco AppDynamics Controller Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally have authorization to access.


This vulnerability is due to improper authorization checking for HTTP requests that are submitted to the affected web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected instance of AppDynamics Controller. A successful exploit could allow the attacker to access the login page for an administrative console.


AppDynamics has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.


This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-contrl-athzn-bp-BLypgsbu



     
         
Security Impact Rating:  Medium
   
   
       
CVE: CVE-2022-20736
Source: Cisco AppDynamics Controller Authorization Bypass Vulnerability
Let's not argue. Let's network!
Print
Go Up Pages1
User actions