Cisco Nexus Dashboard Flaw Let Attackers Read Arbitrary Files


Cisco Nexus Dashboard Fabric Controller is a network management platform for all NX-OS-enabled devices. It enables data center operation teams to perform deep-dive troubleshooting and maintenance operations. 

A new vulnerability has been discovered in the Cisco Nexus Dashboard Fabric Controller, which was associated with the Out-of-band (OOB) Plug and Play (PnP) feature.

This vulnerability allows an unauthenticated remote threat actor to read arbitrary files on the affected devices.

Cisco Nexus Dashboard Flaw Let Attackers Read Arbitrary Files

However, Cisco has patched this vulnerability and released a security advisory to address it. This vulnerability has been assigned CVE-2024-20348, and the severity has been given as 7.5 (High).

According to the reports shared with Cyber Security News, this vulnerability exists due to an unauthenticated provisioning web server, which a threat actor can exploit by sending direct web requests to the server.

Document

Stop Advanced Phishing Attack With AI

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by
other email security solutions. .


If the exploitation is successful, the threat actor can read sensitive files in the PnP container, which can be used to escalate harmful attacks on the PnP infrastructure. Cisco has stated that there are no workarounds for mitigating this vulnerability.

Products affected by this vulnerability include NDFC Release 12.1.3b with a default configuration.

In fact, the Cisco Nexus Dashboard hosting this NDFC is deployed as a cluster that connects each service node to the data and management networks. 

Nevertheless, the scope of this vulnerability is limited to data network interfaces and does not impact the management interfaces. Moreover, there has been no evidence of threat actors exploiting this vulnerability in the wild.

Fixed In Release

Cisco NDFC Release First Fixed Release
12.1.2 and earlier Not vulnerable.
12.1.3 Migrate to a fixed release.
12.2.11 Not vulnerable.

It is recommended that users of the Cisco Nexus Dashboard upgrade to the latest version to prevent threat actors from exploiting this vulnerability.

Secure your emails in a heartbeat! Take Trustifi free 30-second assessment and get matched with your ideal email security vendor - Try Here



Source link