Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-18147

Malicious code in bioql PyPI...

9.9CVSS6.8AI score0.01142EPSS
Exploits0References1
NVD
NVD
added 2025/08/27 5:15 p.m.4 views

CVE-2025-20348

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...

5CVSS0.00273EPSS
Exploits0References1
OSV
OSV
added 2025/08/27 5:15 p.m.6 views

CVE-2025-20347

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...

5.4CVSS5.8AI score0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/27 4:22 p.m.6 views

CVE-2025-20347 Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerability

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...

5.4CVSS0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/27 4:22 p.m.4 views

CVE-2025-20347 Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerability

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...

5.4CVSS6.3AI score0.00232EPSS
Exploits0References1
Cisco
Cisco
added 2025/06/04 4:0 p.m.7 views

Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Vulnerability

A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller NDFC could allow an unauthenticated, remote attacker to impersonate Cisco NDFC-managed devices. This vulnerability is due to insufficient SSH host key validation. An attacker could exploit this vulnerability by...

8.7CVSS6.9AI score0.00365EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.5 views

The vulnerability of the application software interface of the Cisco Nexus Dashboard Fabric Controller (NDFC) lies in the lack of authentication, which allows a malicious actor to influence the integrity of the protected information.

The vulnerability of the application software interface of the Cisco Nexus Dashboard Fabric Controller NDFC relates to the absence of authentication. Exploiting this vulnerability can allow a malicious actor to influence the integrity of the protected information...

6.5CVSS5.5AI score0.00362EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2024/10/02 5:15 p.m.19 views

CVE-2024-20449

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS0.00938EPSS
Exploits0References1
NVD
NVD
added 2024/10/02 5:15 p.m.50 views

CVE-2024-20432

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device. This vulnerability is due to improper user authorization and insufficient...

9.9CVSS0.01142EPSS
Exploits0References1
CVE
CVE
added 2024/10/02 4:55 p.m.61 views

CVE-2024-20490

The CVE-2024-20490 issue affects Cisco Nexus Dashboard Fabric Controller (NDFC) and Nexus Dashboard Orchestrator (NDO). Root cause: HTTP proxy credentials can be recorded in internal logs stored in tech support files, exposing admin credentials in clear text when those files are accessed. Impact:...

8.6CVSS6.5AI score0.00277EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2024/10/02 4:54 p.m.55 views

CVE-2024-20449

CVE-2024-20449 affects Cisco Nexus Dashboard Fabric Controller (NDFC). The issue is due to improper path validation, enabling an authenticated, low-privilege remote attacker to upload malicious code via SCP using path traversal, potentially executing arbitrary code inside a container with root pr...

8.8CVSS8.9AI score0.00938EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/02 4:54 p.m.32 views

CVE-2024-20448 Cisco Nexus Dashboard Fabric Controller Credential Information Disclosure Vulnerability

A vulnerability in the Cisco Nexus Dashboard Fabric Controller NDFC software, formerly Cisco Data Center Network Manager DCNM, could allow an attacker with access to a backup file to view sensitive information. This vulnerability is due to the improper storage of sensitive information within conf...

6.3CVSS0.00116EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/02 4:54 p.m.13 views

CVE-2024-20448 Cisco Nexus Dashboard Fabric Controller Credential Information Disclosure Vulnerability

A vulnerability in the Cisco Nexus Dashboard Fabric Controller NDFC software, formerly Cisco Data Center Network Manager DCNM, could allow an attacker with access to a backup file to view sensitive information. This vulnerability is due to the improper storage of sensitive information within conf...

6.3CVSS6.2AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 2024/10/02 4:54 p.m.77 views

CVE-2024-20444

CVE-2024-20444 affects Cisco Nexus Dashboard Fabric Controller (NDFC). Root cause: insufficient validation of command arguments in a REST API endpoint, enabling an authenticated, network-admin-user to perform a command-injection attack. Potential impact per sources: ability to overwrite sensitive...

5.5CVSS5.9AI score0.00755EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/02 4:53 p.m.21 views

CVE-2024-20438 Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerability

A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this...

6.3CVSS0.00362EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/02 4:0 p.m.11 views

Cisco Nexus Dashboard Fabric Controller Configuration Backup Information Disclosure Vulnerability

A vulnerability in the Cisco Nexus Dashboard Fabric Controller NDFC software, formerly Cisco Data Center Network Manager DCNM, could allow an attacker with access to a backup file to view sensitive information. This vulnerability is due to the improper storage of sensitive information within conf...

6.3CVSS7AI score0.00116EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/02 4:0 p.m.14 views

Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerabilities

Multiple vulnerabilities in the REST APIs of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to perform a limited set of network-admin functions on an affected device. For more information about these...

6.3CVSS5.6AI score0.00463EPSS
Exploits0References1
CVE
CVE
added 2024/04/03 4:25 p.m.93 views

CVE-2024-20348

CVE-2024-20348 affects Cisco Nexus Dashboard Fabric Controller (NDFC) and its Out-of-Band Plug and Play (PnP) feature. The issue arises from an unauthenticated provisioning web server, enabling an unauthenticated, remote attacker to read arbitrary files in the PnP container. Impact is read access...

7.5CVSS7AI score0.00803EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/03 4:25 p.m.13 views

CVE-2024-20348

A vulnerability in the Out-of-Band OOB Plug and Play PnP feature of Cisco Nexus Dashboard Fabric Controller NDFC could allow an unauthenticated, remote attacker to read arbitrary files. This vulnerability is due to an unauthenticated provisioning web server. An attacker could exploit this...

7.5CVSS7.1AI score0.00803EPSS
Exploits0References1
NVD
NVD
added 2022/07/21 4:15 a.m.31 views

CVE-2022-20860

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not validated when Cisco Nexus...

7.4CVSS0.00456EPSS
Exploits0References1
Rows per page
Query Builder