Versa Director Flaw Exposes Networks to API Exploits and Token Theft

Published on September 25, 2024
Written by:
Lore Apostol
Infosec Writer & Editor

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory on a newly disclosed vulnerability in Versa Networks' Versa Director, tracked as CVE-2024-45229.

CVE-2024-45229 carries a CVSS score of 6.6 (medium). Its root cause is improper input validation in certain REST APIs that Versa Director intentionally exposes without authentication, so no credentials are needed to reach the affected endpoints.

The flaw matters because Versa Director is the management plane for Versa's SD-WAN software, which is widely deployed by internet service providers (ISPs) and managed service providers (MSPs); compromising it means compromising the network configurations of every downstream customer it manages.

An attacker who sends crafted, invalid arguments in GET requests to those unauthenticated endpoints can cause the authentication tokens of users who are currently logged in to be disclosed. A stolen token can then be replayed against other, authenticated Director APIs, exposing sensitive data and allowing changes to the configuration of the managed networks. Note that the attack depends on a victim having an active session at the time, and on the Director being reachable by the attacker; this is why exposure of the management interface to the internet is the main risk factor.

The vulnerability affects Versa Director releases issued before September 9, 2024. Affected versions are 22.1.4, 22.1.3, 22.1.2, all 22.1.1 builds, 21.2.3, and 21.2.2.

Organizations running an affected version are urged to upgrade to the latest release, which contains the hotfix Versa published on September 12, 2024. As a compensating control, and not a substitute for patching, Versa also recommends placing the Director behind a web application firewall (WAF) or API gateway so that its APIs, in particular those served on ports 9182, 9183, and 443, are reachable only from trusted management sources rather than from the open internet.
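As an added illustration of that last recommendation (this is not Versa's or CISA's code, nor code from the original article), the following POSIX shell script generates a host-level nftables ruleset that restricts the three listener ports named above to a management allowlist, and includes an offline checker that mirrors the ruleset's decision so the policy can be verified before it is loaded. The allowlist ranges, the table name `versa_director`, and the helper names are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not Versa/CISA code: host-firewall allowlist for the Director
# ports named in the advisory. The management ranges below are constructed
# placeholders (assumptions); replace them with your real jump hosts / WAF.
ALLOWED_MGMT="10.10.0.0/24, 192.0.2.10"
DIRECTOR_PORTS="9182, 9183, 443"

# Emit an nftables ruleset: $1 = comma-separated source allowlist,
# $2 = comma-separated TCP port list. Load it with: gen_ruleset ... | nft -f -
gen_ruleset() {
  cat <<EOF
table inet versa_director {
  chain input {
    type filter hook input priority 0; policy accept;
    # Replies to connections the host opened itself are unaffected.
    ct state established,related accept
    # Only the management allowlist may reach the Director ports.
    ip saddr { $1 } tcp dport { $2 } accept
    # Everything else aimed at those ports is logged and dropped.
    tcp dport { $2 } log prefix "versa-director-drop " drop
  }
}
EOF
}

# Dotted quad -> 32-bit integer. Runs in a subshell so IFS is untouched.
ip_to_int() {
  ( IFS=.; set -- $1; echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 )) )
}

# Does address $1 fall inside $2 (a.b.c.d/len, or a bare host address)?
in_cidr() {
  addr=$(ip_to_int "$1")
  net=${2%/*}
  bits=${2#*/}
  [ "$bits" = "$2" ] && bits=32            # no "/len" means a single host
  mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
  [ $(( addr & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# Offline mirror of the ruleset's decision: exit 0 if source $1 may reach
# TCP port $2 on the Director, 1 if the ruleset would drop it.
# Ports outside DIRECTOR_PORTS are not restricted by this table at all.
is_allowed() {
  case ",$(echo "$DIRECTOR_PORTS" | tr -d ' ')," in
    *",$2,"*) ;;          # a Director port: fall through to the allowlist
    *) return 0 ;;
  esac
  for entry in $(echo "$ALLOWED_MGMT" | tr ',' ' '); do
    in_cidr "$1" "$entry" && return 0
  done
  return 1
}

# Syntax-check the generated ruleset if nft is installed (check mode still
# needs CAP_NET_ADMIN on some versions); otherwise just print it.
check_ruleset() {
  if command -v nft >/dev/null 2>&1; then
    gen_ruleset "$ALLOWED_MGMT" "$DIRECTOR_PORTS" | nft -c -f -
  else
    gen_ruleset "$ALLOWED_MGMT" "$DIRECTOR_PORTS"
  fi
}

# Print or check the ruleset when run directly; source the file to reuse
# the functions (for example to unit-test the allowlist).
case "${1:-}" in
  --print) gen_ruleset "$ALLOWED_MGMT" "$DIRECTOR_PORTS" ;;
  --check) check_ruleset ;;
esac
```

Run `sh versa_fw.sh --print | sudo nft -f -` on the Director host to load the table. Two caveats: the chain uses `policy accept` so it only adds a deny for the listed ports and leaves an existing default-deny baseline alone, and port 443 is also where legitimate operators reach the UI, so every source that must log in belongs in the allowlist. The same allowlist logic applies unchanged if the rules are moved to an upstream firewall or an API gateway in front of the Director.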

The advisory follows last month's high-severity Versa Director vulnerability, CVE-2024-39717, which was exploited in the wild against MSPs and ISPs to reach their downstream customers in what amounted to a supply chain compromise. Cyble's scanning has identified 73 internet-exposed Versa Director instances, although whether those instances are running versions affected by the new flaw has not been determined.