Cisco

Nexus Dashboard Fabric Controller

15 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2025-20348

  • EPSS 0.05%
  • Published 27.08.2025 16:23:01
  • Last modified 08.09.2025 16:22:06

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affecte...

5.4

CVE-2025-20347

  • EPSS 0.06%
  • Published 27.08.2025 16:22:59
  • Last modified 08.09.2025 16:21:08

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affecte...

8.8

CVE-2024-20536

  • EPSS 0.33%
  • Published 06.11.2024 17:15:19
  • Last modified 07.08.2025 00:23:00

A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with read-only privileges to execute arbitrary SQL commands on an affected devic...

5.4

CVE-2024-20477

  • EPSS 0.25%
  • Published 02.10.2024 17:15:17
  • Last modified 08.10.2024 16:00:30

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the...

8.6

CVE-2024-20490

  • EPSS 0.11%
  • Published 02.10.2024 17:15:17
  • Last modified 08.10.2024 15:15:39

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exist...

8.6

CVE-2024-20491

  • EPSS 0.11%
  • Published 02.10.2024 17:15:17
  • Last modified 08.10.2024 15:55:08

A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an in...

5.4

CVE-2024-20442

  • EPSS 0.09%
  • Published 02.10.2024 17:15:16
  • Last modified 07.10.2024 20:11:48

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorizatio...

5.5

CVE-2024-20444

  • EPSS 0.33%
  • Published 02.10.2024 17:15:16
  • Last modified 08.10.2024 15:26:38

A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to perform a command injection attack against an affecte...

8.6

CVE-2024-20448

  • EPSS 0.03%
  • Published 02.10.2024 17:15:16
  • Last modified 08.10.2024 15:25:47

A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensitive information. This vulnerability is due to the...

8.8

CVE-2024-20449

  • EPSS 1.13%
  • Published 02.10.2024 17:15:16
  • Last modified 08.10.2024 15:33:29

A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker...