CVE-2024-20399
MEDIUM CISA KEVCVSS v3
6
MEDIUM
EPSS Score
—
exploit probability
CISA KEV
Yes
known exploited
Exploitation
—
SSVC status
Description
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit
CISA Known Exploited Vulnerability
- Date Added
- 7/2/2024
- Patch Due Date
- 7/23/2024
- Required Action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Technical Details
- CVSS v3 Vector
- 3.1
- Published
- 7/1/2024
- Last Modified
- 10/28/2025
Frequently Asked Questions
What is CVE-2024-20399?
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit
Is CVE-2024-20399 actively exploited?
Yes. CVE-2024-20399 is on the CISA Known Exploited Vulnerabilities (KEV) catalog, meaning it has been confirmed as actively exploited in the wild. CISA requires federal agencies to patch by 7/23/2024.
What is the CVSS score for CVE-2024-20399?
CVE-2024-20399 has a CVSS v3 base score of 6 (MEDIUM severity), with vector string 3.1.
Is CVE-2024-20399 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.