Skip to main content

Cisco Nexus Dashboard EUVDEUVD-2026-17957

| CVE-2026-20174 MEDIUM
Path Traversal (CWE-22)
2026-04-01 cisco GHSA-2cwq-r4f6-rjgw
4.9
CVSS 3.1 · Vendor: cisco
Share

Severity by source

Vendor (cisco) PRIMARY
4.9 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Primary rating from Vendor (cisco) · only source for this CVE.

CVSS VectorVendor: cisco

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Apr 01, 2026 - 17:30 euvd
EUVD-2026-17957
Analysis Generated
Apr 01, 2026 - 17:30 vuln.today
CVE Published
Apr 01, 2026 - 16:29 nvd
MEDIUM 4.9

DescriptionCVE.org

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system.

This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this vulnerability by crafting a metadata update file and manually uploading it to an affected device. A successful exploit could allow the attacker to write arbitrary files to the underlying operating system as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials. Note: Manual uploading of metadata files is typical for Air-Gap environments but not for Cisco Intersight Cloud connected devices. However, the manual upload option exists for both deployments.

AnalysisAI

Cisco Nexus Dashboard Insights metadata update feature allows authenticated administrators to write arbitrary files to the system with root privileges through path traversal in insufficiently validated metadata files. An attacker with valid administrative credentials can craft and manually upload a malicious metadata file to achieve arbitrary file write access to the underlying operating system. This vulnerability affects Cisco Nexus Dashboard and Nexus Dashboard Insights deployments, particularly those using manual metadata uploads in air-gap environments. CVSS score of 4.9 reflects the requirement for high-privilege authentication, though the integrity impact is rated as high given the ability to write files as root.

Technical ContextAI

The vulnerability exists in the metadata update functionality of Cisco Nexus Dashboard Insights, where file path validation is insufficient to prevent directory traversal attacks. The affected technology involves a metadata upload mechanism that accepts crafted files without proper sanitization of path components, allowing sequences like '../' to escape intended directories. This is a classic path traversal flaw (CWE-22) affecting file handling logic. The vulnerability exists in both cloud-connected Intersight deployments and air-gap environments, though manual metadata uploads are more commonly used in air-gap scenarios. Cisco Nexus Dashboard and its Insights module are network infrastructure management platforms, and the metadata update feature is used for system configuration and insights data management.

RemediationAI

Organizations should consult the official Cisco Security Advisory at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndi-afw-rJuRC5dZ for exact patched versions and upgrade instructions, as specific fix versions were not provided in available data. As an interim mitigation measure, restrict access to the metadata update functionality to only trusted administrative personnel and avoid uploading metadata files from untrusted sources. For air-gap environments where manual metadata uploads are necessary, implement administrative controls and monitoring to detect unusual metadata upload activities. Organizations using cloud-connected Intersight deployments should prioritize remediation through Cisco's standard patching channels for managed platforms.

Share

EUVD-2026-17957 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy