Cyber Security News

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco’s Nexus Dashboard Fabric Controller (NDFC), potentially allowing hackers to execute arbitrary commands on affected systems.

This flaw, identified as CVE-2024-20432, was first published on October 2, 2024. Its CVSS score of 9.9 indicates its severe impact.

Vulnerability Details

The vulnerability resides in the Cisco NDFC’s REST API and web UI. It could enable an authenticated, low-privileged remote attacker to perform a command injection attack.

This is due to improper user authorization and insufficient validation of command arguments.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

By exploiting this flaw, attackers can execute arbitrary commands on the command-line interface (CLI) of a Cisco NDFC-managed device with network-admin privileges. 

This vulnerability does not affect Cisco NDFC when configured for storage area network (SAN) controller deployment. However, other implementations remain at risk.

Cisco has confirmed that there are no workarounds for this vulnerability. The company has released software updates to address the issue and urges customers to upgrade their systems promptly.

Affected users can obtain these updates through their usual channels if they have a service contract with Cisco.

Affected and Unaffected Products

The vulnerability affects Cisco NDFC but does not impact Nexus Dashboard Insights or Nexus Dashboard Orchestrator (NDO).

Users are advised to review the advisory for detailed information on vulnerable software releases and to ensure they upgrade to a fixed version as soon as possible.

Cisco advises all users to regularly consult security advisories and ensure their systems are running supported software versions.

Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Free Registration

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

QSC: Multi-Plugin Malware Framework Installs Backdoor on Windows

The QSC Loader service DLL named "loader.dll" leverages two distinct methods to obtain the path…

2 days ago

Weaponized LDAP Exploit Deploys Information-Stealing Malware

Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept…

2 days ago

New NonEuclid RAT Evades Antivirus and Encrypts Critical Files

A NonEuclid sophisticated C# Remote Access Trojan (RAT) designed for the.NET Framework 4.8 has been…

2 days ago

Hackers Targeting Users Who Lodged Complaints On Government portal To Steal Credit Card Data

Fraudsters in the Middle East are exploiting a vulnerability in the government services portal. By…

2 days ago

Juniper Networks Vulnerability Let Remote Attacker Execute Network Attacks

Juniper Networks has disclosed a significant vulnerability affecting its Junos OS and Junos OS Evolved…

2 days ago

Beware! Fake Crowdstrike Recruitment Emails Spread Cryptominer Malware

CrowdStrike, a leader in cybersecurity, uncovered a sophisticated phishing campaign that leverages its recruitment branding…

2 days ago