2 matches found
CVE-2021-34765 Cisco Nexus Insights Authenticated Information Disclosure Vulnerability
A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application. The attacker requires valid device credentials. This vulnerability exists because proper role-based access control RBAC filters are not...
CVE-2021-34765
Cisco Nexus Insights suffers an authenticated information-disclosure vulnerability in its web UI where RBAC filters are not applied to file download actions. An attacker with valid device credentials can log in and access the directory listing to download restricted files, exposing sensitive info...