How severe is CVE-2024-20463?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2024-20463?

This is classified as CWE-305, which is a common weakness in software security.

CVE-2024-20463 - HIGH Severity | CVSS 7.1

Vulnerability Description

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to modify the configuration or reboot an affected device. This vulnerability is due to the HTTP server allowing state changes in GET requests. An attacker could exploit this vulnerability by sending a malicious request to the web-based management interface on an affected device. A successful exploit could allow the attacker to make limited modifications to the configuration or reboot the device, resulting in a denial of service (DoS) condition. 

Related Vulnerabilities

CVE-2024-12582

HIGH

CVSS:7.1(High)

A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud envi...

CWE-3052024

CVE-2022-4722

HIGH

CVSS:7.2(High)

Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5.

CWE-3052022

CVE-2025-27370

MEDIUM

CVSS:6.9(Medium)

OpenID Connect Core through 1.0 errata set 2 allows audience injection in certain situations. When the private_key_jwt authentication mechanism is used, a malicious Authorization Server could trick a ...

CWE-3052025

CVE-2025-27371

MEDIUM

CVSS:6.9(Medium)

In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to au...

CWE-3052025

CVE-2020-14359

HIGH

CVSS:7.3(High)

A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP headers (via cURL) an attacker can bypass our Gatekeeper. Lower case headers are also accepted by some ...

CWE-3052020

CVE-2024-34077

HIGH

CVSS:7.3(High)

MantisBT (Mantis Bug Tracker) is an open source issue tracker. Insufficient access control in the registration and password reset process allows an attacker to reset another user's password and takeov...

CWE-3052024