How severe is CVE-2024-20324?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-20324?

This is classified as CWE-274, which is a common weakness in software security.

CVE-2024-20324

MEDIUM Year: 2024

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-274

View all →

Vulnerability Description

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and show tech wireless CLI commands to access configuration details, including passwords. A successful exploit could allow the attacker to access configuration details that they are not authorized to access.

CVE-2018-6693

MEDIUM

CVSS:5.6(Medium)

An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condi...

CWE-2742018

CVE-2022-25782

MEDIUM

CVSS:5.4(Medium)

Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager v...

CWE-2742022

CVE-2021-32006

MEDIUM

CVSS:4.3(Medium)

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission Issues vulnerability in LinkManager web portal of Secomea GateManager allows logged in LinkManager user...

CWE-2742021

CVE-2022-23160

MEDIUM

CVSS:4.3(Medium)

Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious user could potentially exploit this vulnerability, leading to ...

CWE-2742022

CVE-2023-32494

MEDIUM

CVSS:6.7(Medium)

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevati...

CWE-2742023

CVE-2025-20177

MEDIUM

CVSS:6.7(Medium)

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affecte...

CWE-2742025

CVE-2024-20324

Vulnerability Description

Related Vulnerabilities

CVE-2018-6693

CVE-2022-25782

CVE-2021-32006

CVE-2022-23160

CVE-2023-32494

CVE-2025-20177