Cisco Nexus Dashboard and NDFC Unauthorized REST API Vulnerabilities Allowing Information Disclosure and File Modification

Vulnerability

Multiple vulnerabilities in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) stem from insufficient authorization controls on some of those endpoints: the API verifies that a caller holds a valid session but does not check that the caller's role is permitted to invoke the endpoint. An authenticated, low-privileged, remote attacker can therefore view sensitive information or upload and modify files on an affected device. A successful exploit lets the attacker perform limited administrative functions, such as reading sensitive HTTP proxy and NTP configuration details, uploading images, and corrupting image files on the device. Because valid credentials are required, every account on the appliance, including read-only ones, is within the exposure.
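The authorization gap described above, as an added illustration that is not Cisco's code: the endpoint paths, role names, session tokens and in-memory device state are hypothetical. The vulnerable dispatcher checks only that the caller holds a valid session (authentication); the fixed dispatcher also compares the session's role with the role each endpoint requires and denies by default, so a read-only account can no longer read the proxy configuration or overwrite an image.

```python
# Added illustration of "authenticated but not authorized" REST endpoints.
# Not Cisco code: the paths, role names, session tokens and device state
# below are hypothetical and exist only to show the control that is missing.
from dataclasses import dataclass, field

ADMIN = "admin"
READONLY = "readonly"
ROLE_RANK = {READONLY: 0, ADMIN: 1}   # simple privilege ordering


@dataclass
class Session:
    user: str
    role: str


@dataclass
class Device:
    """In-memory stand-in for a managed appliance (constructed sample state)."""
    proxy_config: dict = field(default_factory=lambda: {
        "host": "proxy.example.test", "user": "svc-proxy", "password": "s3cret"})
    ntp_config: dict = field(default_factory=lambda: {
        "servers": ["ntp.example.test"], "key": "ntp-shared-key"})
    images: dict = field(default_factory=lambda: {"firmware.bin": b"GOOD-IMAGE"})


# Constructed session table: bearer token -> owner and role.
SESSIONS = {
    "tok-alice": Session("alice", ADMIN),
    "tok-bob": Session("bob", READONLY),
}


def get_proxy(dev, body):
    return 200, dev.proxy_config          # contains a proxy password


def get_ntp(dev, body):
    return 200, dev.ntp_config            # contains an NTP key


def upload_image(dev, body):
    # Overwrites an existing image of the same name: a low-privileged caller
    # reaching this handler can both add images and corrupt existing ones.
    dev.images[body["name"]] = body["data"]
    return 201, {"stored": body["name"]}


def get_health(dev, body):
    return 200, {"status": "ok"}


# Hypothetical endpoint table: (method, path) -> (handler, role required).
ENDPOINTS = {
    ("GET", "/api/config/proxy"): (get_proxy, ADMIN),
    ("GET", "/api/config/ntp"): (get_ntp, ADMIN),
    ("POST", "/api/images"): (upload_image, ADMIN),
    ("GET", "/api/health"): (get_health, READONLY),
}


def dispatch_vulnerable(dev, token, method, path, body=None):
    """Checks only that the caller has a valid session (authentication)."""
    if token not in SESSIONS:
        return 401, {"error": "unauthenticated"}
    entry = ENDPOINTS.get((method, path))
    if entry is None:
        return 404, {"error": "not found"}
    handler, _required = entry
    # Missing step: the required role is never compared with the session's
    # role, so any authenticated user reaches the admin-only handlers.
    return handler(dev, body)


def dispatch_fixed(dev, token, method, path, body=None):
    """Authenticates, then authorizes the session's role against the endpoint."""
    if token not in SESSIONS:
        return 401, {"error": "unauthenticated"}
    entry = ENDPOINTS.get((method, path))
    if entry is None:
        return 404, {"error": "not found"}
    handler, required = entry
    # Deny by default: an unknown role ranks below every requirement.
    if ROLE_RANK.get(SESSIONS[token].role, -1) < ROLE_RANK[required]:
        return 403, {"error": "forbidden"}
    return handler(dev, body)


if __name__ == "__main__":
    junk = {"name": "firmware.bin", "data": b"JUNK"}
    dev = Device()
    print(dispatch_vulnerable(dev, "tok-bob", "GET", "/api/config/proxy"))
    print(dispatch_vulnerable(dev, "tok-bob", "POST", "/api/images", junk), dev.images)
    dev = Device()
    print(dispatch_fixed(dev, "tok-bob", "GET", "/api/config/proxy"))
    print(dispatch_fixed(dev, "tok-bob", "POST", "/api/images", junk), dev.images)
    print(dispatch_fixed(dev, "tok-alice", "GET", "/api/config/ntp"))
```

The role table is the point: an endpoint that can read credentials or replace an image must carry an explicit required role, and the dispatcher must fail closed when the session's role does not meet it. Returning 403 rather than 404 for a known endpoint is a choice; what matters is that the handler never runs.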

Impact

Successful exploitation allows an authenticated, low-privileged attacker to perform limited administrative tasks: reading sensitive configuration (including the HTTP proxy and NTP details), uploading images, and corrupting image files on the device. No unauthenticated access path is described, and the attacker gains specific administrative functions rather than full control of the appliance.

Remediation

Administrators should upgrade Cisco Nexus Dashboard to release 4.1(1g) or 3.1(1k), whichever fixed release applies to the deployed train. NDFC deployments are fixed by migrating to an appropriate fixed Cisco Nexus Dashboard release. Consult the Cisco Nexus Dashboard and NDFC sections of the Cisco advisory for the exact upgrade path. No workaround is listed; until the upgrade is applied, keep the set of accounts holding any role on the appliance as small as possible and review REST API access logs for low-privileged accounts calling configuration or image endpoints.

Added: Aug 27, 2025, 5:31 PM
Updated: Aug 27, 2025, 5:31 PM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 5.0
exploitability: 4.9
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these eight vulnerability categories, which are then combined to calculate the overall risk score.