Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Cisco Patches Severe Vulnerabilities in Nexus Dashboard

Cisco on Wednesday announced the availability of patches for multiple vulnerabilities in Nexus Dashboard, including a critical-severity issue that could lead to the execution of arbitrary commands.

Cisco on Wednesday announced the availability of patches for multiple vulnerabilities in Nexus Dashboard, including a critical-severity issue that could lead to the execution of arbitrary commands.

The Nexus Dashboard is a data center management console that provides administrators and operators with quick access to required resources across services and applications.

The most severe of the newly resolved vulnerabilities affecting the console is CVE-2022-20857 (CVSS score of 9.8), which could allow a remote, unauthenticated attacker to access a specific API and execute arbitrary commands.

“The vulnerability is due to insufficient access controls for a specific API. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected API. A successful exploit could allow the attacker to execute arbitrary commands as the root user in any pod on a node,” Cisco explains.

In its advisory, Cisco also details CVE-2022-20861 and CVE-2022-20858, two high-severity security bugs in Nexus Dashboard that could lead to cross-site request forgery (CSRF) attacks and to the uploading of malicious container images, respectively.

The first of the bugs exists because the web UI on affected devices does not have sufficient CSRF protections. An attacker who convinces an authenticated administrator to click on a malicious link may perform actions on a vulnerable device, with administrator privileges.

The second issue exists because a service that manages container images does not have sufficient access controls, thus allowing an attacker to open a TCP connection to the affected service and download container images and upload malicious images that would run after a device reboot.

All three vulnerabilities were resolved with the release of Nexus Dashboard 2.2(1e). Users of Nexus Dashboard 1.1, 2.0, and 2.1 are advised to upgrade to the fixed release as soon as possible.

Advertisement. Scroll to continue reading.

This week, Cisco also resolved a high-severity security issue in the SSL/TLS implementation of Nexus Dashboard, which could allow a remote, unauthenticated attacker to tamper with the communication with associated controllers, or access sensitive information.

Because of improper validation of SSL server certificates when Nexus Dashboard connects to Application Policy Infrastructure Controller (APIC), Cloud APIC, or Nexus Dashboard Fabric Controller, an attacker may use man-in-the-middle techniques to intercept traffic between the device and the controllers, and then impersonate the controllers.

“A successful exploit could allow the attacker to alter communications between devices or view sensitive information, including Administrator credentials for these controllers,” Cisco explains.

Tracked as CVE-2022-20860, the vulnerability has been resolved with the release of Nexus Dashboard 2.2(1h).

Cisco says it is not aware of any of these vulnerabilities being exploited in attacks.

Related: Cisco Patches Critical Vulnerability in Email Security Appliance

Related: Cisco Warns of Exploitation Attempts Targeting New IOS XR Vulnerability

Related: Cisco Patches 11 High-Severity Vulnerabilities in Security Products

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

More People On The Move

Expert Insights