![Five Nights At Freddy's – Walkthrough [1] DON'T WATCH AT NIGHT!! (+Download)](https://techcratic.com/wp-content/uploads/2024/11/1731599476_maxresdefault-360x180.jpg)
Divya
2024-10-03 03:46:44
gbhackers.com
A critical vulnerability has been discovered in Cisco’s Nexus Dashboard Fabric Controller (NDFC), potentially allowing hackers to execute arbitrary commands on affected systems.
This flaw, identified as CVE-2024-20432, was first published on October 2, 2024. Its CVSS score of 9.9 indicates its severe impact.
Vulnerability Details
The vulnerability resides in the Cisco NDFC’s REST API and web UI. It could enable an authenticated, low-privileged remote attacker to perform a command injection attack.
This is due to improper user authorization and insufficient validation of command arguments.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
By exploiting this flaw, attackers can execute arbitrary commands on the command-line interface (CLI) of a Cisco NDFC-managed device with network-admin privileges.
This vulnerability does not affect Cisco NDFC when configured for storage area network (SAN) controller deployment. However, other implementations remain at risk.
Cisco has confirmed that there are no workarounds for this vulnerability. The company has released software updates to address the issue and urges customers to upgrade their systems promptly.
Affected users can obtain these updates through their usual channels if they have a service contract with Cisco.
Affected and Unaffected Products
The vulnerability affects Cisco NDFC but does not impact Nexus Dashboard Insights or Nexus Dashboard Orchestrator (NDO).
Users are advised to review the advisory for detailed information on vulnerable software releases and to ensure they upgrade to a fixed version as soon as possible.
Cisco advises all users to regularly consult security advisories and ensure their systems are running supported software versions.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Free Registration
Support Techcratic
If you find value in Techcratic’s insights and articles, consider supporting us with Bitcoin. Your support helps me, as a solo operator, continue delivering high-quality content while managing all the technical aspects, from server maintenance to blog writing, future updates, and improvements. Support Innovation! Thank you.
Bitcoin Address:
bc1qlszw7elx2qahjwvaryh0tkgg8y68enw30gpvge
Please verify this address before sending funds.
Bitcoin QR Code
Simply scan the QR code below to support Techcratic.
Please read the Privacy and Security Disclaimer on how Techcratic handles your support.
Disclaimer: As an Amazon Associate, Techcratic may earn from qualifying purchases.
![The geometry of data: the missing metric tensor and the Stein score [Part II]](https://techcratic.com/wp-content/uploads/2024/11/lensing-360x180.jpg)
