Cisco Nexus Dashboard Configuration Backup Vulnerability Allowing Unauthorized Access to Internal APIs

A vulnerability exists in the configuration backup feature of Cisco Nexus Dashboard versions 3.2 and earlier, as well as 4.1. This issue allows an attacker with the encryption password and access to Full or Config-only backup files to decrypt the backups and access sensitive information. The vulnerability arises because authentication details are included in the encrypted backup files. An attacker could use these details to access internal-only APIs on the affected device, potentially executing arbitrary commands on the underlying operating system as the root user.

Impact

Exploitation of this vulnerability could lead to unauthorized access to internal APIs on the affected device, allowing an attacker to execute arbitrary commands on the operating system with root privileges.

Remediation

Users are advised to upgrade to Cisco Nexus Dashboard version 4.2 or to a fixed release of versions 3.2 or 4.1. For information on how to obtain the fixed software, consult the Cisco Support and Downloads page or contact the Cisco Technical Assistance Center (TAC).