Skip to main content

Cisco Nexus Dashboard

2 CVEs product

Monthly

CVE-2026-20174 MEDIUM This Month

Cisco Nexus Dashboard Insights metadata update feature allows authenticated administrators to write arbitrary files to the system with root privileges through path traversal in insufficiently validated metadata files. An attacker with valid administrative credentials can craft and manually upload a malicious metadata file to achieve arbitrary file write access to the underlying operating system. This vulnerability affects Cisco Nexus Dashboard and Nexus Dashboard Insights deployments, particularly those using manual metadata uploads in air-gap environments. CVSS score of 4.9 reflects the requirement for high-privilege authentication, though the integrity impact is rated as high given the ability to write files as root.

Cisco Path Traversal Cisco Nexus Dashboard Cisco Nexus Dashboard Insights
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-20042 MEDIUM This Month

Cisco Nexus Dashboard configuration backup feature allows authenticated administrators to extract sensitive authentication credentials from encrypted backup files, enabling subsequent unauthorized access to internal APIs and arbitrary root-level command execution on the underlying operating system. The vulnerability requires possession of both a valid backup file and its encryption password, limiting exploitation to administrators or attackers with backup file access. CVSS 6.5 reflects the high-privilege requirement (PR:H) despite high confidentiality and integrity impact; no public exploit or active exploitation has been identified.

Cisco Information Disclosure Cisco Nexus Dashboard
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
EPSS 0% CVSS 4.9
MEDIUM This Month

Cisco Nexus Dashboard Insights metadata update feature allows authenticated administrators to write arbitrary files to the system with root privileges through path traversal in insufficiently validated metadata files. An attacker with valid administrative credentials can craft and manually upload a malicious metadata file to achieve arbitrary file write access to the underlying operating system. This vulnerability affects Cisco Nexus Dashboard and Nexus Dashboard Insights deployments, particularly those using manual metadata uploads in air-gap environments. CVSS score of 4.9 reflects the requirement for high-privilege authentication, though the integrity impact is rated as high given the ability to write files as root.

Cisco Path Traversal Cisco Nexus Dashboard +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Cisco Nexus Dashboard configuration backup feature allows authenticated administrators to extract sensitive authentication credentials from encrypted backup files, enabling subsequent unauthorized access to internal APIs and arbitrary root-level command execution on the underlying operating system. The vulnerability requires possession of both a valid backup file and its encryption password, limiting exploitation to administrators or attackers with backup file access. CVSS 6.5 reflects the high-privilege requirement (PR:H) despite high confidentiality and integrity impact; no public exploit or active exploitation has been identified.

Cisco Information Disclosure Cisco Nexus Dashboard
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy