Cisco Nexus Dashboard Path Traversal Vulnerability
TL;DR 📌
A medium-severity path traversal vulnerability has been identified in Cisco Nexus Dashboard, allowing authenticated remote attackers to gain root privileges. No workarounds are available, and users are advised to upgrade to fixed software releases.
What happened 🕵️‍♂️
A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack. This issue arises from insufficient validation of backup file contents. An attacker with valid Administrator credentials could exploit this vulnerability by restoring a crafted backup file, potentially gaining root privileges on the affected device.
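An added example (not Cisco's code and not taken from the advisory) of the kind of backup-content validation whose absence is described above: every archive member is checked before anything is written to disk. The advisory does not state the backup format; the tar container, the `/restore` destination and all member names here are assumptions.

```python
import io
import posixpath
import tarfile

def _inside(root, path):
    return path == root or path.startswith(root.rstrip("/") + "/")

def unsafe_members(archive_bytes, dest="/restore"):
    """Return (name, reason) for each member that should block the restore."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes)) as tar:
        for m in tar.getmembers():
            target = posixpath.normpath(posixpath.join(dest, m.name))
            if posixpath.isabs(m.name) or not _inside(dest, target):
                findings.append((m.name, "path escapes restore directory"))
            elif m.issym() or m.islnk():
                # Symlink targets resolve from the link's directory,
                # hard-link targets from the archive root.
                base = posixpath.dirname(target) if m.issym() else dest
                link = posixpath.normpath(posixpath.join(base, m.linkname))
                if posixpath.isabs(m.linkname) or not _inside(dest, link):
                    findings.append((m.name, "link points outside restore directory"))
            elif not (m.isfile() or m.isdir()):
                findings.append((m.name, "special file type not allowed"))
    return findings

def build_sample(hostile=True):
    """Constructed test archive; not a real Nexus Dashboard backup."""
    names = ["config/settings.json"]
    if hostile:
        names += ["../outside.txt", "/abs/outside.txt"]
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in names:
            info = tarfile.TarInfo(name)
            info.size = 2
            tar.addfile(info, io.BytesIO(b"{}"))
        if hostile:
            link = tarfile.TarInfo("config/link")
            link.type = tarfile.SYMTYPE
            link.linkname = "../../outside"
            tar.addfile(link)
    return buf.getvalue()

if __name__ == "__main__":
    for name, reason in unsafe_members(build_sample()):
        print(f"REJECT {name}: {reason}")
```

The check is lexical, so it should run against an empty destination directory, and a restore path that never needs links can simply reject every link member.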
Affected products 🖥️
The vulnerability affects Cisco Nexus Dashboard, regardless of device configuration. The following products are confirmed not to be vulnerable:
- Nexus Dashboard Fabric Controller (NDFC)
- Nexus Dashboard Insights
- Nexus Dashboard Orchestrator (NDO)
Fixed software 🔧
Upgrade to the first fixed release in your train (or later):
| Cisco Nexus Dashboard release | First fixed release |
|---|---|
| 3.2 and earlier | Migrate to a fixed release. |
| 4.1 | 4.1(1g) |

Advisory revision history: version 1.0, initial public release.
Workarounds 🧯
There are no workarounds available to address this vulnerability.
Risk in context 🎯
The vulnerability has a CVSS score of 6.5, indicating a medium risk level. While exploitation requires authenticated access, the potential for an attacker to gain root privileges poses a significant threat to affected systems.
Fast facts ⚡
- Vulnerability: Path traversal in Cisco Nexus Dashboard
- CVSS Score: 6.5 (Medium)
- Exploitation: Requires valid Administrator credentials
- Workarounds: None available
- Fixed Software: Upgrade to specified fixed releases
For leadership 🧭
This vulnerability presents a medium risk to our organization, with a CVSS score of 6.5. It requires authenticated access, limiting exposure primarily to internal threats. However, successful exploitation could allow attackers to gain root access, which could lead to significant operational disruptions.
Remediation ask: Patch affected systems within 30 days to ensure security compliance.
Operational impact: Upgrading may require a brief maintenance window, with no expected configuration drift.
Now / Next / Later:
- Now: Review affected systems and identify those running vulnerable versions of Cisco Nexus Dashboard.
- Next: Schedule upgrades to fixed releases as outlined in the advisory.
- Later: Monitor for any signs of exploitation or unusual activity related to this vulnerability.