Request a Demo
Rewterz
Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities
July 26, 2022
Rewterz
Rewterz Threat Advisory – CVE-2022-20916 – Cisco IoT Control Center Vulnerability
July 26, 2022

Rewterz Threat Advisory – Multiple Cisco Nexus Dashboard Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2022-20860 CVSS:7.4
Cisco Nexus Dashboard is vulnerable to a man-in-the-middle attack, caused by the lack of validation of SSL server certificates when Cisco Nexus Dashboard is establishing a connection to Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud APIC, or Cisco Nexus Dashboard Fabric Controller, formerly Data Center Network Manager (DCNM) controllers. By using man-in-the-middle techniques to intercept the traffic between the affected device and the controllers, and then using a crafted certificate to impersonate the controllers, a remote attacker could exploit this vulnerability to alter communications with associated controllers or view sensitive information.

CVE-2022-20906 CVSS:6
Cisco Nexus Dashboard could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation during CLI command execution on an affected device. By using a malicious payload, an attacker could exploit this vulnerability to authenticate as the rescue-user, execute vulnerable CLI commands, and gain root privileges on the affected device.

CVE-2022-20907 CVSS:6
Cisco Nexus Dashboard could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation during CLI command execution on an affected device. By using a malicious payload, an attacker could exploit this vulnerability to authenticate as the rescue-user, execute vulnerable CLI commands, and gain root privileges on the affected device.

CVE-2022-20908 CVSS:6\Cisco Nexus Dashboard could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation during CLI command execution on an affected device. By using a malicious payload, an attacker could exploit this vulnerability to authenticate as the rescue-user, execute vulnerable CLI commands, and gain root privileges on the affected device.

CVE-2022-20909 CVSS:6
Cisco Nexus Dashboard could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation during CLI command execution on an affected device. By using a malicious payload, an attacker could exploit this vulnerability to authenticate as the rescue-user, execute vulnerable CLI commands, and gain root privileges on the affected device.

Impact

  • Unauthorized Access
  • Privilege Escalation

Indicators Of Compromise

CVE

  • CVE-2022-20860
  • CVE-2022-20906
  • CVE-2022-20907
  • CVE-2022-20908
  • CVE-2022-20909

Affected Vendors

Cisco

Affected Products

  • Cisco Nexus Dashboard 1.1
  • Cisco Nexus Dashboard 2.0
  • Cisco Nexus Dashboard 2.1
  • Cisco Nexus Dashboard 2.2

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.
Cisco Security Advisory