← Back

CVE-2024-20337

nvd nist
Published: Mar 6, 2024Modified: Jul 22, 2025

JSON object

Loading...
8.2
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
Exploitability: 2.8 / Impact: 4.7
Source: psirt@cisco.com (Secondary)

Description

A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link while establishing a VPN session. A successful exploit could allow the attacker to execute arbitrary script code in the browser or access sensitive, browser-based information, including a valid SAML token. The attacker could then use the token to establish a remote access VPN session with the privileges of the affected user. Individual hosts and services behind the VPN headend would still need additional credentials for successful access.

Affected (2)

Products: Cisco: Secure Client
Cisco
1 product
Secure Client
Configuration A
2 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Cisco
Secure Client
From 4.10.04065 to 4.10.08025
Secure Client
From 5.0.00529 to 5.1.2.42
Running on/withPlatform Versions
Apple
Macos
All versions
Linux
Linux Kernel
All versions
Microsoft
Windows
All versions

Related CWEs

CWE-93
Improper Neutralization of CRLF Sequences ('CRLF Injection')
The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

References (2)

Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.