Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability

A vulnerability exists in the Metadata update feature of Cisco Nexus Dashboard Insights, allowing authenticated, remote attackers to write arbitrary files to the underlying operating system as the root user. This issue arises from inadequate validation of metadata update files. Attackers with valid administrative credentials could exploit this vulnerability by crafting a metadata update file and manually uploading it to the affected system. While manual uploads are common in Air-Gap environments, the option is also available for devices connected to Cisco Intersight Cloud.

Impact

Exploitation of this vulnerability could lead to unauthorized file writes on the affected system, with the potential for those files to be executed, given the root access.

Remediation

Users are advised to upgrade to a fixed release of Cisco Nexus Dashboard Insights. For versions 6.5 and earlier, migrate to a fixed Nexus Dashboard release. For Cisco Nexus Dashboard releases 3.1, 3.2, and 4.1, also migrate to a fixed release. Note that starting with Cisco Nexus Dashboard Release 3.1(1k), Nexus Dashboard Insights is included in the unified Nexus Dashboard software image.