Cyber Security

Cisco patches dangerous bug trio in Nexus Dashboard

Serious vulnerabilities in Cisco Nexus Dashboard give attackers a viable path to executing arbitrary commands as root, uploading container image files, or performing cross-site request forgery (CSRF) attacks.

Discovered via internal testing, the trio of unauthenticated bugs – one critical, two high severity – have been patched in the data center management platform’s latest software update.

Cisco said it was not aware of any in-the-wild malicious abuse of the vulnerability.

Vulnerable API

The most severe issue, notching a critical CVSS score of 9.8, could allow an attacker to access a vulnerable API running in the data network and execute arbitrary commands (CVE-2022-20857).

The vulnerability can be abused by sending crafted HTTP requests to the API, which, thanks to insufficient access controls, means an attacker can “execute arbitrary commands as the root user in any pod on a node”, reads a security advisory published on July 20.

The most severe of two high severity issues is the CSRF bug (CVSS 8.8), which exists in the web UI running in the management network.

The vulnerability (CVE-2022-20861) is exploitable “by persuading an authenticated administrator of the web-based management interface to click a malicious link”, said Cisco. Should they achieve this, attackers could then “perform actions with Administrator privileges on an affected device”.

Finally, a flaw with a CVSS rating of 8.2 (CVE-2022-20858) exposes the service that manages container images in both the data and management networks.

Arising due to insufficient access controls, the vulnerability can be exploited “by opening a TCP connection to the affected service” and downloading container images or uploading malicious container images to an affected device. “The malicious images would be run after the device has rebooted or a pod has restarted,” added Cisco.

Vulnerable versions of Cisco Nexus Dashboard – formerly known as Cisco Application Services Engine – are 1.1, 2.0, 2.1, and 2.2 (although version 1.1 is not affected by CVE-2022-20858). All three flaws have been addressed in version 2.2(1e).

Cisco was unable to provide workarounds to mitigate risks.

Source: https://portswigger.net/daily-swig/cisco-patches-dangerous-bug-trio-in-nexus-dashboard

Click to comment

You May Also Like

Cyber Security

New capabilities in Google Workspace will help enterprises improve account and data security, by making unauthorized takeover of admin and user accounts and exfiltration...

Cyber Security

North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe...

Cyber Security

Apache has resolved a vulnerability potentially exploitable to launch remote code execution (RCE) attacks using Kafka Connect. Announced on February 8, the critical vulnerability...

Cyber Security

Security analysis tool Binwalk itself poses a security risk to users running out-of-date versions due to a path traversal vulnerability that could lead to...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO

Exit mobile version