Nexus Dashboard Fabric Controller@12.0.0 Security Vulnerabilities and Issues — Nexus Dashboard Fabric Controller@12.0.0 CVE List

Lucene search

CiscoNexus Dashboard Fabric Controller12.0.0

7 matches found

CVE•added 2024/10/02 5:15 p.m.•93 views

CVE-2024-20432

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device. This vulnerability is due to improper user authorization and insufficient vali...

9.9CVSS9.8AI score0.01104EPSS

CVE•added 2024/10/02 5:15 p.m.•71 views

CVE-2024-20442

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker c...

5.4CVSS5.2AI score0.00086EPSS

CVE•added 2024/10/02 5:15 p.m.•69 views

CVE-2024-20477

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the affected REST API endpoint. An attacker could explo...

5.4CVSS5.4AI score0.00253EPSS

CVE•added 2024/10/02 5:15 p.m.•66 views

CVE-2024-20438

A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this vulnerab...

6.3CVSS5.7AI score0.00075EPSS

CVE•added 2024/04/03 5:15 p.m.•65 views

CVE-2024-20281

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protec...

8.8CVSS7.4AI score0.01524EPSS

CVE•added 2024/10/02 5:15 p.m.•62 views

CVE-2024-20441

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. This vulnerability is due to insufficient authorization controls on the affected REST API endpoint. An attacker could exp...

6.5CVSS5.6AI score0.00066EPSS

CVE•added 2024/10/02 5:15 p.m.•40 views

CVE-2024-20449

A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS8.9AI score0.01132EPSS