Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco nexus dashboard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20281
A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to...
NA
CVE-2024-20282
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could expl...
NA
CVE-2024-20283
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote malicious user to learn cluster deployment information on an affected device. This vulnerability is due to improper access controls on a specific API endpoint. An attacker could exploit this vulnerabili...
NA
CVE-2024-20302
A vulnerability in the tenant security implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an authenticated, remote malicious user to modify or delete tenant templates on an affected system. This vulnerability is due to improper access controls within tenant se...
NA
CVE-2024-20348
A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote malicious user to read arbitrary files. This vulnerability is due to an unauthenticated provisioning web server. An attack...
1 Article
7.4
CVSSv3
CVE-2023-20185
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote malicious user to read or modify intersite encrypted traffic. This vulnerability is due to an issue with the imple...
Cisco Nx-os 14.0\\(1h\\)
Cisco Nx-os 14.0\\(2c\\)
Cisco Nx-os 14.0\\(3c\\)
Cisco Nx-os 14.0\\(3d\\)
Cisco Nx-os 14.1\\(1i\\)
Cisco Nx-os 14.1\\(1j\\)
Cisco Nx-os 14.1\\(1k\\)
Cisco Nx-os 14.1\\(1l\\)
Cisco Nx-os 14.1\\(2g\\)
Cisco Nx-os 14.1\\(2m\\)
Cisco Nx-os 14.1\\(2o\\)
Cisco Nx-os 14.1\\(2s\\)
Cisco Nx-os 14.1\\(2u\\)
Cisco Nx-os 14.1\\(2w\\)
Cisco Nx-os 14.1\\(2x\\)
Cisco Nx-os 14.2\\(1i\\)
Cisco Nx-os 14.2\\(1j\\)
Cisco Nx-os 14.2\\(1l\\)
Cisco Nx-os 14.2\\(2e\\)
Cisco Nx-os 14.2\\(2f\\)
Cisco Nx-os 14.2\\(2g\\)
Cisco Nx-os 14.2\\(3j\\)
7.5
CVSSv3
CVE-2023-20014
A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vuln...
Cisco Nexus Dashboard
6.1
CVSSv3
CVE-2023-20053
A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is du...
Cisco Nexus Dashboard
8.8
CVSSv3
CVE-2022-20921
A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO) could allow an authenticated, remote malicious user to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit th...
Cisco Aci Multi-site Orchestrator
6.5
CVSSv3
CVE-2022-20913
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote malicious user to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with...
Cisco Nexus Dashboard
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »