Cisco Nexus Dashboard and NDFC Unauthorized REST API Vulnerability Allowing Information Disclosure and File Modification

Vulnerability

A vulnerability exists in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) due to inadequate authorization controls: the endpoints verify that a caller is authenticated but do not adequately verify that the caller's privilege level permits the requested operation. This flaw enables authenticated, low-privileged, remote attackers to access sensitive information or upload and alter files on affected devices. Exploitation of this vulnerability could allow attackers to perform limited administrative tasks, such as retrieving confidential HTTP Proxy and NTP configuration details, uploading images, and corrupting image files on the device.
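The flaw described above is an authorization gap rather than an authentication gap: a valid low-privileged session is enough to reach administrative endpoints. The following Python snippet is an added illustration and is not Cisco's code or any reconstruction of the affected product; the endpoint paths, role names and policy table are hypothetical. It contrasts a dispatcher that only checks for a valid session with one that enforces a per-endpoint allow-list of roles and denies by default, and includes a small audit helper a defender can use to list which calls a given role can still make.

```python
"""Added illustration (not Cisco's code): authentication alone versus
per-endpoint authorization on a REST API.  All names are hypothetical."""

from dataclasses import dataclass

# Hypothetical policy table: (HTTP method, path) -> roles allowed to call it.
# Sensitive configuration reads and image uploads are admin-only; a
# harmless health endpoint is open to every authenticated role.
ENDPOINT_POLICY = {
    ("GET", "/api/config/proxy"): {"admin"},
    ("GET", "/api/config/ntp"): {"admin"},
    ("POST", "/api/images/upload"): {"admin"},
    ("GET", "/api/health"): {"admin", "operator", "readonly"},
}


@dataclass(frozen=True)
class Session:
    """A minimal authenticated session: who the caller is and their role."""
    user: str
    role: str


def dispatch_authn_only(session, method, path):
    """Defective pattern: any valid session is accepted for any known
    endpoint; the caller's role is never consulted.  Returns an HTTP status."""
    if session is None:
        return 401  # not authenticated
    if (method, path) not in ENDPOINT_POLICY:
        return 404  # unknown endpoint
    return 200      # authorization is skipped entirely


def dispatch_authz(session, method, path):
    """Hardened pattern: authenticate, then require the caller's role to be
    on the endpoint's allow-list.  Anything not explicitly allowed is 403."""
    if session is None:
        return 401
    allowed = ENDPOINT_POLICY.get((method, path))
    if allowed is None:
        return 404
    if session.role not in allowed:
        return 403  # authenticated but not authorized
    return 200


def audit_reachable(dispatch, role):
    """Defender-side check: run every policy-table endpoint through the given
    dispatcher as a user with `role` and return the sorted list of
    (method, path) pairs that were allowed (status 200)."""
    session = Session(user="audit-" + role, role=role)
    reachable = []
    for (method, path) in ENDPOINT_POLICY:
        if dispatch(session, method, path) == 200:
            reachable.append((method, path))
    return sorted(reachable)


if __name__ == "__main__":
    # Constructed comparison: what a read-only caller can reach under each
    # dispatcher.  Expect the defective one to expose every endpoint and the
    # hardened one to expose only /api/health.
    for name, fn in (("authn-only", dispatch_authn_only), ("authz", dispatch_authz)):
        print(name, audit_reachable(fn, "readonly"))
```

The audit helper is the part worth keeping: comparing the reachable set for each role against the intended policy turns "are low-privileged users blocked from the config and upload endpoints?" into a repeatable check rather than a manual review.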

Impact

Successful exploitation could permit an attacker to execute limited administrative functions, including accessing sensitive HTTP Proxy and NTP configuration information, uploading images, and damaging image files on the affected device.

Remediation

Cisco has released software updates to address this vulnerability. For Cisco Nexus Dashboard releases 3.2 and earlier, users should migrate to a fixed release. For Cisco Nexus Dashboard release 4.1, users should upgrade to version 4.1(1g). For Cisco NDFC, migrate to an appropriate fixed Cisco Nexus Dashboard release.

Added: Aug 27, 2025, 5:23 PM
Updated: Aug 27, 2025, 5:23 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 5.0
exploitability: 4.9
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.