Nexus Dashboard@* Security Vulnerabilities and Issues — Nexus Dashboard@* CVE List

Lucene search

CiscoNexus Dashboard*

7 matches found

CVE•added 2024/04/03 5:15 p.m.•77 views

CVE-2024-20283

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn cluster deployment information on an affected device. This vulnerability is due to improper access controls on a specific API endpoint. An attacker could exploit this vulnerability by sending queries to ...

4.3CVSS6.6AI score0.00165EPSS

CVE•added 2024/10/02 5:15 p.m.•70 views

CVE-2024-20442

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker c...

5.4CVSS5.2AI score0.00081EPSS

CVE•added 2024/10/02 5:15 p.m.•68 views

CVE-2024-20477

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the affected REST API endpoint. An attacker could explo...

5.4CVSS5.4AI score0.00239EPSS

CVE•added 2024/10/02 5:15 p.m.•65 views

CVE-2024-20438

A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this vulnerab...

6.3CVSS5.7AI score0.00071EPSS

CVE•added 2024/04/03 5:15 p.m.•63 views

CVE-2024-20281

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protec...

8.8CVSS7.4AI score0.01127EPSS

CVE•added 2024/10/02 5:15 p.m.•61 views

CVE-2024-20441

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. This vulnerability is due to insufficient authorization controls on the affected REST API endpoint. An attacker could exp...

6.5CVSS5.6AI score0.00063EPSS

CVE•added 2024/04/03 5:15 p.m.•55 views

CVE-2024-20282

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerabil...

6CVSS6.7AI score0.00038EPSS