Cisco Patched Multiple Security Vulnerabilities In Nexus Dashboard

Cisco Patched Multiple Security Vulnerabilities

Cisco has addressed several vulnerabilities in its Nexus Dashboard. Taking advantage of these vulnerabilities can allow attackers to perform CSRF attacks or execute arbitrary code. | Cisco Patched Multiple Security Vulnerabilities In Nexus Dashboard

Cisco Nexus Dashboard Vulnerabilities

In a recent advisory detailing the security issues, Cisco has confirmed fixing three separate vulnerabilities in the Nexus Dashboard.

Cisco’s Nexus Dashboard is a dedicated cloud network dashboard that enables users to monitor and manage the operations of the entire data center infrastructure. Unfortunately, these critical functionalities also mean that any security vulnerabilities affecting this device will directly put the security of the network at risk.

Describing the impact of these vulnerabilities, the advisory reads,

Cisco Nexus Dashboard is deployed as a cluster, connecting each service node to two networks: -Data network (fabric0, fabric1) -Management network (mgmt0, mgmt1) The scope of these exploits can be limited to the network interfaces that have exposure.

Specifically, Cisco has addressed the following three vulnerabilities in the tool.

CVE-2022-20857 (critical severity; CVSS 9.8): insufficient access controls in a specific API allowed an unauthenticated, remote adversary to execute arbitrary codes on the target system. Exploiting the flaw merely required the attacker to send maliciously crafted HTTP requests to the API.

CVE-2022-20861 (high-severity; CVSS 8.8.): poor CSRF protections in the Nexus Dashboard web UI allowed an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks. An adversary could convince the target authenticated user to click on a maliciously crafted link to trigger the bug. Once done, the flaw would provide the attacker admin access to the system, empowering the attacker to perform any intended actions.

CVE-2022-20858 (high-severity; CVSS 8.2): the service managing container images has poor access controls. Hence, an unauthenticated, remote adversary could trigger the flaw by opening a TCP connection to the vulnerable device. Once done, the adversary could then upload malicious container images or download the existing container images.

Patches Deployed

Cisco has addressed all three vulnerabilities with the Nexus Dashboard releases 1.1, 2.0, 2.1, and 2.2. Besides, the vendors confirmed no viable workarounds for the flaws, urging users to update their systems at the earliest to stay safe. | Cisco Patched Multiple Security Vulnerabilities In Nexus Dashboard