wid-sec-w-2024-3072
Vulnerability from csaf_certbund
Published
2024-10-03 22:00
Modified
2024-10-03 22:00
Summary
Cisco Nexus Dashboard und Nexus Dashboard Fabric Controller: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Cisco Nexus Dashboard ist ein Dashboard für Rechenzentren zur Verwaltung von Hybrid-Cloud-Netzwerken.
Angriff
Ein entfernter Angreifer kann mehrere Schwachstellen in Cisco Nexus Dashboard ausnutzen, um Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausführung zu bringen.
Betroffene Betriebssysteme
- Sonstiges
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Cisco Nexus Dashboard ist ein Dashboard f\u00fcr Rechenzentren zur Verwaltung von Hybrid-Cloud-Netzwerken.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Cisco Nexus Dashboard ausnutzen, um Informationen offenzulegen Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen.", "title": "Angriff" }, { "category": "general", "text": "- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-3072 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3072.json" }, { "category": "self", "summary": "WID-SEC-2024-3072 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3072" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-ndfc-cmdinj-UvYZrKfr vom 2024-10-03", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cmdinj-UvYZrKfr" }, { "category": "external", "summary": "Cisco Security 
Advisory cisco-sa-ndfc-raci-T46k3jnN vom 2024-10-03", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-raci-T46k3jnN" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-ndfc-cidv-XvyX2wLj vom 2024-10-03", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cidv-XvyX2wLj" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-ndfc-ptrce-BUSHLbp vom 2024-10-03", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-ptrce-BUSHLbp" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-ndhs-uaapi-Jh4V6zpN vom 2024-10-03", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-uaapi-Jh4V6zpN" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-ndhs-idv-Bk8VqEDc vom 2024-10-03", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-idv-Bk8VqEDc" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-ndo-tlsvld-FdUF3cpw vom 2024-10-03", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndo-tlsvld-FdUF3cpw" } ], "source_lang": "en-US", "title": "Cisco Nexus Dashboard und Nexus Dashboard Fabric Controller: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-10-03T22:00:00.000+00:00", "generator": { "date": "2024-10-04T11:09:27.025+00:00", "engine": { "name": "BSI-WID", "version": "1.3.8" } }, "id": "WID-SEC-W-2024-3072", "initial_release_date": "2024-10-03T22:00:00.000+00:00", "revision_history": [ { "date": "2024-10-03T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c12.2.2", "product": { "name": "Cisco 
Nexus Dashboard \u003c12.2.2", "product_id": "T037977" } }, { "category": "product_version", "name": "12.2.2", "product": { "name": "Cisco Nexus Dashboard 12.2.2", "product_id": "T037977-fixed", "product_identification_helper": { "cpe": "cpe:/a:cisco:nexus_dashboard:12.2.2" } } }, { "category": "product_version_range", "name": "\u003e=12.0", "product": { "name": "Cisco Nexus Dashboard \u003e=12.0", "product_id": "T037979" } }, { "category": "product_version_range", "name": "\u003e=12.0", "product": { "name": "Cisco Nexus Dashboard \u003e=12.0", "product_id": "T037979-fixed" } } ], "category": "product_name", "name": "Nexus Dashboard" } ], "category": "vendor", "name": "Cisco" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-20385", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." } ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20385" }, { "cve": "CVE-2024-20432", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." } ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20432" }, { "cve": "CVE-2024-20438", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." } ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20438" }, { "cve": "CVE-2024-20441", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." 
} ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20441" }, { "cve": "CVE-2024-20442", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." } ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20442" }, { "cve": "CVE-2024-20444", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." } ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20444" }, { "cve": "CVE-2024-20448", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. 
Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." } ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20448" }, { "cve": "CVE-2024-20449", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." } ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20449" }, { "cve": "CVE-2024-20477", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. 
Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." } ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20477" }, { "cve": "CVE-2024-20490", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." } ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20490" }, { "cve": "CVE-2024-20491", "notes": [ { "category": "description", "text": "In Cisco Nexus Dashboard und dem Nexus Dashboard Fabric Controller existieren mehrere Schwachstellen. Diese bestehen unter anderem aufgrund von unzureichenden \u00dcberpr\u00fcfungen von Autorisierungen und Befehlsargumenten, sowie unsachgem\u00e4\u00dfer Speicherung von Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code, im schlimmsten Fall mit Administratorrechten, zur Ausf\u00fchrung zu bringen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich." 
} ], "product_status": { "known_affected": [ "T037977" ] }, "release_date": "2024-10-03T22:00:00.000+00:00", "title": "CVE-2024-20491" } ] }
cve-2024-20449
Vulnerability from cvelistv5
Published
2024-10-02 16:54
Modified
2024-10-02 19:33
Summary
Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Data Center Network Manager |
Version: 12.1(1) Version: 12.0.1a Version: 12.0.2d Version: 12.0.2f Version: 12.1.1 Version: 12.1.1e Version: 12.1.1p Version: 12.1.2e Version: 12.1.2p Version: 12.1.3b Version: 12.2.1 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "data_center_network_manager", "vendor": "cisco", "versions": [ { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20449", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T19:01:03.051565Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T19:33:43.750Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Data Center Network Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could 
allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device.\r\n\r\nThis vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secure Copy Protocol (SCP) to upload malicious code to an affected device using path traversal techniques. A successful exploit could allow the attacker to execute arbitrary\u0026nbsp;code in a specific container with the privileges of root." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-23", "description": "Relative Path Traversal", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:54:50.760Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndfc-ptrce-BUSHLbp", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-ptrce-BUSHLbp" } ], "source": { "advisory": "cisco-sa-ndfc-ptrce-BUSHLbp", "defects": [ "CSCwk04223" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20449", "datePublished": "2024-10-02T16:54:50.760Z", "dateReserved": "2023-11-08T15:08:07.678Z", "dateUpdated": "2024-10-02T19:33:43.750Z", "state": "PUBLISHED" }, 
"dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20444
Vulnerability from cvelistv5
Published
2024-10-02 16:54
Modified
2024-10-02 19:45
Summary
Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Data Center Network Manager |
Version: 11.2(1) Version: 7.0(2) Version: 10.3(2)IPFM Version: 10.1(1) Version: 7.2(3) Version: 7.2(2) Version: 7.2(1) Version: 11.0(1) Version: 10.4(1) Version: 10.2(1) Version: 7.2(2a) Version: 10.1(2) Version: 7.1(1) Version: 12.1(1) Version: 11.1(1) Version: 10.3(1) Version: 10.3(1)R(1) Version: 7.0(1) Version: 10.0(1) Version: 7.1(2) Version: 11.4(1) Version: 10.4(2) Version: 11.3(1) Version: 11.5(1) Version: 11.5(2) Version: 11.5(3) Version: 12.0.1a Version: 11.5(3a) Version: 12.0.2d Version: 12.0.2f Version: 11.5(4) Version: 12.1.1 Version: 12.1.1e Version: 12.1.1p Version: 12.1.2e Version: 12.1.2p Version: 12.1.3b Version: 12.2.1 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "data_center_network_manager", "vendor": "cisco", "versions": [ { "status": "affected", "version": "11.2(1)" }, { "status": "affected", "version": "7.0(2)" }, { "status": "affected", "version": "10.3(2)IPFM" }, { "status": "affected", "version": "10.1(1)" }, { "status": "affected", "version": "7.2(3)" }, { "status": "affected", "version": "7.2(2)" }, { "status": "affected", "version": "7.2(1)" }, { "status": "affected", "version": "11.0(1)" }, { "status": "affected", "version": "10.4(1)" }, { "status": "affected", "version": "10.2(1)" }, { "status": "affected", "version": "7.2(2a)" }, { "status": "affected", "version": "10.1(2)" }, { "status": "affected", "version": "7.1(1)" }, { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "11.1(1)" }, { "status": "affected", "version": "10.3(1)" }, { "status": "affected", "version": "10.3(1)R(1)" }, { "status": "affected", "version": "7.0(1)" }, { "status": "affected", "version": "10.0(1)" }, { "status": "affected", "version": "7.1(2)" }, { "status": "affected", "version": "11.4(1)" }, { "status": "affected", "version": "10.4(2)" }, { "status": "affected", "version": "11.3(1)" }, { "status": "affected", "version": "11.5(1)" }, { "status": "affected", "version": "11.5(2)" }, { "status": "affected", "version": "11.5(3)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "11.5(3a)" }, { "status": "affected", "version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "11.5(4)" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, 
{ "status": "affected", "version": "12.2.1" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20444", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T19:29:46.344080Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T19:45:29.694Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Data Center Network Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.2(1)" }, { "status": "affected", "version": "7.0(2)" }, { "status": "affected", "version": "10.3(2)IPFM" }, { "status": "affected", "version": "10.1(1)" }, { "status": "affected", "version": "7.2(3)" }, { "status": "affected", "version": "7.2(2)" }, { "status": "affected", "version": "7.2(1)" }, { "status": "affected", "version": "11.0(1)" }, { "status": "affected", "version": "10.4(1)" }, { "status": "affected", "version": "10.2(1)" }, { "status": "affected", "version": "7.2(2a)" }, { "status": "affected", "version": "10.1(2)" }, { "status": "affected", "version": "7.1(1)" }, { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "11.1(1)" }, { "status": "affected", "version": "10.3(1)" }, { "status": "affected", "version": "10.3(1)R(1)" }, { "status": "affected", "version": "7.0(1)" }, { "status": "affected", "version": "10.0(1)" }, { "status": "affected", "version": "7.1(2)" }, { "status": "affected", "version": "11.4(1)" }, { "status": "affected", "version": "10.4(2)" }, { "status": "affected", "version": "11.3(1)" }, { "status": "affected", "version": "11.5(1)" }, { "status": "affected", "version": "11.5(2)" }, { "status": "affected", "version": "11.5(3)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "11.5(3a)" }, { 
"status": "affected", "version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "11.5(4)" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to perform a command injection attack against an affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted command arguments to a specific REST API endpoint. A successful exploit could allow the attacker to overwrite sensitive files or crash a specific container, which would restart on its own, causing a low-impact denial of service (DoS) condition." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-88", "description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:54:09.855Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndfc-raci-T46k3jnN", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-raci-T46k3jnN" } ], "source": { "advisory": "cisco-sa-ndfc-raci-T46k3jnN", "defects": [ "CSCwj55173" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20444", "datePublished": "2024-10-02T16:54:09.855Z", "dateReserved": "2023-11-08T15:08:07.677Z", "dateUpdated": "2024-10-02T19:45:29.694Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20477
Vulnerability from cvelistv5
Published
2024-10-02 16:55
Modified
2024-10-02 17:26
Summary
Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Endpoint Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Data Center Network Manager |
Version: 12.1(1) Version: 12.0.1a Version: 12.0.2d Version: 12.0.2f Version: 12.1.1 Version: 12.1.1e Version: 12.1.1p Version: 12.1.2e Version: 12.1.2p Version: 12.1.3b Version: 12.2.1 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20477", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T17:17:57.942531Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T17:26:21.782Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Data Center Network Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device.\r\n\r\nThis vulnerability exists because of missing authorization controls on the affected REST API endpoint. An attacker could exploit this vulnerability by sending crafted API requests to the affected endpoint. A successful exploit could allow the attacker to upload files into a specific container or delete files from a specific folder within that container. This vulnerability only affects a specific REST API endpoint and does not affect the web-based management interface." 
} ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "Missing Authorization", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:55:07.208Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndhs-uaapi-Jh4V6zpN", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-uaapi-Jh4V6zpN" } ], "source": { "advisory": "cisco-sa-ndhs-uaapi-Jh4V6zpN", "defects": [ "CSCwk11265" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Endpoint Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20477", "datePublished": "2024-10-02T16:55:07.208Z", "dateReserved": "2023-11-08T15:08:07.682Z", "dateUpdated": "2024-10-02T17:26:21.782Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20432
Vulnerability from cvelistv5
Published
2024-10-02 16:53
Modified
2024-10-02 19:49
Summary
Cisco Nexus Dashboard Fabric Controller Web UI Command Injection Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Data Center Network Manager |
Version: 12.1(1) Version: 12.0.1a Version: 12.0.2d Version: 12.0.2f Version: 12.1.1 Version: 12.1.1e Version: 12.1.1p Version: 12.1.2e Version: 12.1.2p Version: 12.1.3b Version: 12.2.1 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "data_center_network_manager", "vendor": "cisco", "versions": [ { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20432", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T19:01:38.795750Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T19:49:19.807Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Data Center Network Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric 
Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper user authorization and insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted commands to an affected REST API endpoint or through the web UI. A successful exploit could allow the attacker to execute arbitrary commands on the CLI of a Cisco NDFC-managed device with network-admin privileges.\r\n\u0026nbsp;\r\nNote: This vulnerability does not affect Cisco NDFC when it is configured for storage area network (SAN) controller deployment." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:53:15.038Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndfc-cmdinj-UvYZrKfr", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cmdinj-UvYZrKfr" } ], "source": { "advisory": "cisco-sa-ndfc-cmdinj-UvYZrKfr", "defects": [ "CSCwj10299" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Fabric Controller Web UI Command 
Injection Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20432", "datePublished": "2024-10-02T16:53:15.038Z", "dateReserved": "2023-11-08T15:08:07.667Z", "dateUpdated": "2024-10-02T19:49:19.807Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20490
Vulnerability from cvelistv5
Published
2024-10-02 16:55
Modified
2024-10-02 17:26
Summary
Cisco Nexus Dashboard Fabric Controller and Nexus Dashboard Orchestrator Information Disclosure Vulnerability
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Cisco | Cisco Data Center Network Manager | 12.1.1e, 12.1.1p, 12.1.2e, 12.1.2p, 12.1.3b, 12.2.1, 12.2.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20490", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T17:17:55.986708Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T17:26:15.286Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Data Center Network Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" }, { "status": "affected", "version": "12.2.2" } ] }, { "defaultStatus": "unknown", "product": "Cisco Nexus Dashboard Orchestrator", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "1.0(1i)" }, { "status": "affected", "version": "1.0(2b)" }, { "status": "affected", "version": "3.7(1d)" }, { "status": "affected", "version": "3.7(1g)" }, { "status": "affected", "version": "3.7(1h)" }, { "status": "affected", "version": "3.7(1j)" }, { "status": "affected", "version": "3.7(1i)" }, { "status": "affected", "version": "3.7(1k)" }, { "status": "affected", "version": "3.7(1l)" }, { "status": "affected", "version": "3.7(2d)" }, { "status": "affected", "version": "3.7(2e)" }, { "status": "affected", "version": "3.7(2f)" }, { "status": "affected", "version": "3.7(2g)" }, { "status": "affected", "version": "3.7(2h)" }, { "status": "affected", "version": "4.1(2e)" }, { "status": "affected", "version": "3.7(2i)" }, { "status": "affected", "version": "4.1(2h)" }, { "status": "affected", "version": "4.2(1d)" }, { "status": "affected", "version": "4.2(1e)" }, { "status": 
"affected", "version": "4.2(2e)" }, { "status": "affected", "version": "4.2(3e)" }, { "status": "affected", "version": "4.3.(1.1008)" }, { "status": "affected", "version": "4.2(3j)" }, { "status": "affected", "version": "4.2(3k)" }, { "status": "affected", "version": "4.4(1.1009)" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information.\r\n\r\nThis vulnerability exists because HTTP proxy credentials could be recorded in an internal log that is stored in the tech support file. An attacker could exploit this vulnerability by accessing a tech support file that is generated from an affected system. A successful exploit could allow the attacker to view HTTP proxy server admin credentials in clear text that are configured on Nexus Dashboard to reach an external network.\r\nNote: Best practice is to store debug logs and tech support files safely and to share them only with trusted parties because they may contain sensitive information." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:55:15.650Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndhs-idv-Bk8VqEDc", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-idv-Bk8VqEDc" } ], "source": { "advisory": "cisco-sa-ndhs-idv-Bk8VqEDc", "defects": [ "CSCwk96526" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Fabric Controller and Nexus Dashboard Orchestrator Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20490", "datePublished": "2024-10-02T16:55:15.650Z", "dateReserved": "2023-11-08T15:08:07.685Z", "dateUpdated": "2024-10-02T17:26:15.286Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20441
Vulnerability from cvelistv5
Published
2024-10-02 16:53
Modified
2024-10-02 19:27
Summary
Cisco Nexus Dashboard Fabric Controller Unauthorized API Endpoint Vulnerability
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Cisco | Cisco Data Center Network Manager | 12.1(1), 12.0.1a, 12.0.2d, 12.0.2f, 12.1.1, 12.1.1e, 12.1.1p, 12.1.2e, 12.1.2p, 12.1.3b, 12.2.1 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20441", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T19:27:22.871119Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T19:27:38.899Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Data Center Network Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device.\r\n\r\nThis vulnerability is due to insufficient authorization controls on the affected REST API endpoint. An attacker could exploit this vulnerability by sending crafted API requests to the\u0026nbsp;affected endpoint. A successful exploit could allow the attacker to download config only or full backup files and learn sensitive configuration information. This vulnerability only affects a specific REST API endpoint and does not affect the web-based management interface." 
} ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-285", "description": "Improper Authorization", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:53:32.918Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndhs-uaapi-Jh4V6zpN", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-uaapi-Jh4V6zpN" } ], "source": { "advisory": "cisco-sa-ndhs-uaapi-Jh4V6zpN", "defects": [ "CSCwk04220" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Fabric Controller Unauthorized API Endpoint Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20441", "datePublished": "2024-10-02T16:53:32.918Z", "dateReserved": "2023-11-08T15:08:07.676Z", "dateUpdated": "2024-10-02T19:27:38.899Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20438
Vulnerability from cvelistv5
Published
2024-10-02 16:53
Modified
2024-10-02 19:03
Summary
Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerability
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Cisco | Cisco Data Center Network Manager | 12.1(1), 12.0.1a, 12.0.2d, 12.0.2f, 12.1.1, 12.1.1e, 12.1.1p, 12.1.2e, 12.1.2p, 12.1.3b, 12.2.1 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20438", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T19:03:29.049648Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T19:03:38.037Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Data Center Network Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device.\r\n\r\nThis vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited network-admin functions such as reading device configuration information, uploading files, and modifying uploaded files.\r\nNote: This vulnerability only affects a subset of REST API endpoints and does not affect the web-based management interface." 
} ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-693", "description": "Protection Mechanism Failure", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:53:23.486Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndhs-uaapi-Jh4V6zpN", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-uaapi-Jh4V6zpN" } ], "source": { "advisory": "cisco-sa-ndhs-uaapi-Jh4V6zpN", "defects": [ "CSCwj09986" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20438", "datePublished": "2024-10-02T16:53:23.486Z", "dateReserved": "2023-11-08T15:08:07.667Z", "dateUpdated": "2024-10-02T19:03:38.037Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20448
Vulnerability from cvelistv5
Published
2024-10-02 16:54
Modified
2024-10-02 17:26
Summary
Cisco Nexus Dashboard Fabric Controller Credential Information Disclosure Vulnerability
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Cisco | Cisco Data Center Network Manager | 11.2(1), 7.0(2), 10.3(2)IPFM, 10.1(1), 7.2(3), 7.2(2), 7.2(1), 11.0(1), 10.4(1), 10.2(1), 7.2(2a), 10.1(2), 7.1(1), 12.1(1), 11.1(1), 10.3(1), 10.3(1)R(1), 7.0(1), 10.0(1), 7.1(2), 11.4(1), 10.4(2), 11.3(1), 11.5(1), 11.5(2), 11.5(3), 12.0.1a, 11.5(3a), 12.0.2d, 12.0.2f, 11.5(4), 12.1.1, 12.1.1e, 12.1.1p, 12.1.2e, 12.1.2p, 12.1.3b, 12.2.1 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20448", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T17:18:00.355679Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T17:26:28.808Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Data Center Network Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.2(1)" }, { "status": "affected", "version": "7.0(2)" }, { "status": "affected", "version": "10.3(2)IPFM" }, { "status": "affected", "version": "10.1(1)" }, { "status": "affected", "version": "7.2(3)" }, { "status": "affected", "version": "7.2(2)" }, { "status": "affected", "version": "7.2(1)" }, { "status": "affected", "version": "11.0(1)" }, { "status": "affected", "version": "10.4(1)" }, { "status": "affected", "version": "10.2(1)" }, { "status": "affected", "version": "7.2(2a)" }, { "status": "affected", "version": "10.1(2)" }, { "status": "affected", "version": "7.1(1)" }, { "status": "affected", "version": "12.1(1)" }, { "status": "affected", "version": "11.1(1)" }, { "status": "affected", "version": "10.3(1)" }, { "status": "affected", "version": "10.3(1)R(1)" }, { "status": "affected", "version": "7.0(1)" }, { "status": "affected", "version": "10.0(1)" }, { "status": "affected", "version": "7.1(2)" }, { "status": "affected", "version": "11.4(1)" }, { "status": "affected", "version": "10.4(2)" }, { "status": "affected", "version": "11.3(1)" }, { "status": "affected", "version": "11.5(1)" }, { "status": "affected", "version": "11.5(2)" }, { "status": "affected", "version": "11.5(3)" }, { "status": "affected", "version": "12.0.1a" }, { "status": "affected", "version": "11.5(3a)" }, { "status": "affected", 
"version": "12.0.2d" }, { "status": "affected", "version": "12.0.2f" }, { "status": "affected", "version": "11.5(4)" }, { "status": "affected", "version": "12.1.1" }, { "status": "affected", "version": "12.1.1e" }, { "status": "affected", "version": "12.1.1p" }, { "status": "affected", "version": "12.1.2e" }, { "status": "affected", "version": "12.1.2p" }, { "status": "affected", "version": "12.1.3b" }, { "status": "affected", "version": "12.2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensitive information.\r\n\r\nThis vulnerability is due to the improper storage of sensitive information within config only and full backup files. An attacker could exploit this vulnerability by parsing the contents of a backup file that is generated from an affected device. A successful exploit could allow the attacker to access sensitive information, including NDFC-connected device credentials, the NDFC site manager private key, and the scheduled backup file encryption key." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-313", "description": "Cleartext Storage in a File or on Disk", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:54:17.748Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndfc-cidv-XvyX2wLj", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cidv-XvyX2wLj" } ], "source": { "advisory": "cisco-sa-ndfc-cidv-XvyX2wLj", "defects": [ "CSCwj87786" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Fabric Controller Credential Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20448", "datePublished": "2024-10-02T16:54:17.748Z", "dateReserved": "2023-11-08T15:08:07.678Z", "dateUpdated": "2024-10-02T17:26:28.808Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20491
Vulnerability from cvelistv5
Published
2024-10-02 16:55
Modified
2024-10-02 17:26
Summary
Cisco Nexus Dashboard Insights Information Disclosure Vulnerability
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Cisco | Cisco Nexus Dashboard Insights | 2.2.2.125, 2.2.2.126, 5.0.1.150, 5.0.1.154, 5.1.0.131, 5.1.0.135, 6.0.1, 6.0.2, 6.1.1, 6.1.2, 6.1.3, 6.2.1, 6.2.2, 6.3.1 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20491", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T17:17:53.944273Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T17:26:08.329Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Nexus Dashboard Insights", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "2.2.2.125" }, { "status": "affected", "version": "2.2.2.126" }, { "status": "affected", "version": "5.0.1.150" }, { "status": "affected", "version": "5.0.1.154" }, { "status": "affected", "version": "5.1.0.131" }, { "status": "affected", "version": "5.1.0.135" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "6.0.2" }, { "status": "affected", "version": "6.1.1" }, { "status": "affected", "version": "6.1.2" }, { "status": "affected", "version": "6.1.3" }, { "status": "affected", "version": "6.2.1" }, { "status": "affected", "version": "6.2.2" }, { "status": "affected", "version": "6.3.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information.\r\n\r\nThis vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file. An attacker could exploit this vulnerability by accessing a tech support file that is generated from an affected system. 
A successful exploit could allow the attacker to view remote controller admin credentials in clear text.\r\nNote: Best practice is to store debug logs and tech support files safely and to share them only with trusted parties because they may contain sensitive information." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:55:25.503Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndhs-idv-Bk8VqEDc", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-idv-Bk8VqEDc" } ], "source": { "advisory": "cisco-sa-ndhs-idv-Bk8VqEDc", "defects": [ "CSCwk96544" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Insights Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20491", "datePublished": "2024-10-02T16:55:25.503Z", "dateReserved": "2023-11-08T15:08:07.685Z", "dateUpdated": "2024-10-02T17:26:08.329Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20442
Vulnerability from cvelistv5
Published
2024-10-02 16:53
Modified
2024-10-02 19:28
Summary
Cisco Nexus Dashboard Unauthorized API Endpoints Vulnerability
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Cisco | Cisco Nexus Dashboard | 1.1(3e), 1.1(3c), 1.1(3d), 1.1(0d), 1.1(2i), 2.0(1b), 1.1(2h), 1.1(0c), 1.1(3f), 2.1(1d), 2.1(1e), 2.0(2g), 2.0(2h), 2.1(2d), 2.0(1d), 2.2(1h), 2.2(1e), 2.2(2d), 2.1(2f), 2.3(1c), 2.3(2b), 2.3(2c), 2.3(2d), 2.3(2e), 3.0(1f), 3.0(1i), 3.1(1k), 3.1(1l) |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20442", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T19:28:42.874953Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T19:28:58.418Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Nexus Dashboard", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "1.1(3e)" }, { "status": "affected", "version": "1.1(3c)" }, { "status": "affected", "version": "1.1(3d)" }, { "status": "affected", "version": "1.1(0d)" }, { "status": "affected", "version": "1.1(2i)" }, { "status": "affected", "version": "2.0(1b)" }, { "status": "affected", "version": "1.1(2h)" }, { "status": "affected", "version": "1.1(0c)" }, { "status": "affected", "version": "1.1(3f)" }, { "status": "affected", "version": "2.1(1d)" }, { "status": "affected", "version": "2.1(1e)" }, { "status": "affected", "version": "2.0(2g)" }, { "status": "affected", "version": "2.0(2h)" }, { "status": "affected", "version": "2.1(2d)" }, { "status": "affected", "version": "2.0(1d)" }, { "status": "affected", "version": "2.2(1h)" }, { "status": "affected", "version": "2.2(1e)" }, { "status": "affected", "version": "2.2(2d)" }, { "status": "affected", "version": "2.1(2f)" }, { "status": "affected", "version": "2.3(1c)" }, { "status": "affected", "version": "2.3(2b)" }, { "status": "affected", "version": "2.3(2c)" }, { "status": "affected", "version": "2.3(2d)" }, { "status": "affected", "version": "2.3(2e)" }, { "status": "affected", "version": "3.0(1f)" }, { "status": "affected", "version": "3.0(1i)" }, { "status": "affected", "version": "3.1(1k)" }, { "status": "affected", "version": "3.1(1l)" } ] } ], "descriptions": [ { "lang": "en", 
"value": "A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device.\r\n\r\nThis vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker could exploit this vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited Administrator functions such as viewing portions of the web UI, generating config only or full backup files, and deleting tech support files. This vulnerability only affects a subset of REST API endpoints and does not affect the web-based management interface." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "Missing Authorization", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:53:41.383Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndhs-uaapi-Jh4V6zpN", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-uaapi-Jh4V6zpN" } ], "source": { "advisory": "cisco-sa-ndhs-uaapi-Jh4V6zpN", "defects": [ "CSCwk04255" ], "discovery": "INTERNAL" }, "title": "Cisco Nexus Dashboard Unauthorized API Endpoints Vulnerability" } }, "cveMetadata": { "assignerOrgId": 
"d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20442", "datePublished": "2024-10-02T16:53:41.383Z", "dateReserved": "2023-11-08T15:08:07.676Z", "dateUpdated": "2024-10-02T19:28:58.418Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20385
Vulnerability from cvelistv5
Published
2024-10-02 16:52
Modified
2024-10-02 19:02
Summary
Cisco Nexus Dashboard Orchestrator SSL Certificate Validation Vulnerability
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Cisco | Cisco Nexus Dashboard Orchestrator | 3.7(1d), 3.7(1g), 3.7(1h), 3.7(1j), 3.7(1i), 3.7(1k), 3.7(1l), 3.7(2d), 3.7(2e), 3.7(2f), 3.7(2g), 3.7(2h), 4.1(2e), 3.7(2i), 4.1(2h), 4.2(1d), 4.2(1e), 4.2(2e), 4.2(3e), 4.3.(1.1008), 4.2(3j), 4.2(3k) |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20385", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T19:02:38.591795Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T19:02:55.769Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Nexus Dashboard Orchestrator", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.7(1d)" }, { "status": "affected", "version": "3.7(1g)" }, { "status": "affected", "version": "3.7(1h)" }, { "status": "affected", "version": "3.7(1j)" }, { "status": "affected", "version": "3.7(1i)" }, { "status": "affected", "version": "3.7(1k)" }, { "status": "affected", "version": "3.7(1l)" }, { "status": "affected", "version": "3.7(2d)" }, { "status": "affected", "version": "3.7(2e)" }, { "status": "affected", "version": "3.7(2f)" }, { "status": "affected", "version": "3.7(2g)" }, { "status": "affected", "version": "3.7(2h)" }, { "status": "affected", "version": "4.1(2e)" }, { "status": "affected", "version": "3.7(2i)" }, { "status": "affected", "version": "4.1(2h)" }, { "status": "affected", "version": "4.2(1d)" }, { "status": "affected", "version": "4.2(1e)" }, { "status": "affected", "version": "4.2(2e)" }, { "status": "affected", "version": "4.2(3e)" }, { "status": "affected", "version": "4.3.(1.1008)" }, { "status": "affected", "version": "4.2(3j)" }, { "status": "affected", "version": "4.2(3k)" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an unauthenticated, remote attacker to intercept sensitive information from an affected device.\u0026nbsp;\r\n\r\nThis vulnerability exists because the Cisco NDO 
Validate Peer Certificate site management feature validates the certificates for Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud Network Controller (CNC), and Cisco Nexus Dashboard only when a new site is added or an existing one is reregistered. An attacker could exploit this vulnerability by using machine-in-the-middle techniques to intercept the traffic between the affected device and Cisco NDO and then using a crafted certificate to impersonate the affected device. A successful exploit could allow the attacker to learn sensitive information during communications between these devices." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "Improper Certificate Validation", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:52:55.860Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ndo-tlsvld-FdUF3cpw", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndo-tlsvld-FdUF3cpw" } ], "source": { "advisory": "cisco-sa-ndo-tlsvld-FdUF3cpw", "defects": [ "CSCwi72006" ], "discovery": "EXTERNAL" }, "title": "Cisco Nexus Dashboard Orchestrator SSL Certificate Validation Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": 
"CVE-2024-20385", "datePublished": "2024-10-02T16:52:55.860Z", "dateReserved": "2023-11-08T15:08:07.658Z", "dateUpdated": "2024-10-02T19:02:55.769Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.