Skip to main content

Nexus Dashboard

23 CVEs product

Monthly

CVE-2025-20348 MEDIUM This Month

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nexus Dashboard
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2025-20347 MEDIUM This Month

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nexus Dashboard
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-20344 MEDIUM This Month

A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Nexus Dashboard
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-20163 HIGH This Week

Man-in-the-middle vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) caused by insufficient SSH host key validation, allowing unauthenticated remote attackers to impersonate NDFC-managed devices and intercept SSH traffic. This vulnerability affects Cisco NDFC deployments and could lead to credential capture and device impersonation with a CVSS score of 8.7 (High). Without confirmed KEV status or public POC availability noted in standard databases, organizations should prioritize patching based on CVSS severity and the network-accessible nature of the vulnerability (AV:N).

Information Disclosure Cisco SSH Authentication Bypass Nexus Dashboard
NVD
CVSS 3.1
8.7
EPSS
0.0%
CVE-2025-20150 MEDIUM This Month

A vulnerability in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to enumerate LDAP user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-20477 MEDIUM This Month

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nexus Dashboard Nexus Dashboard Fabric Controller
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2024-20442 MEDIUM This Month

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nexus Dashboard Nexus Dashboard Fabric Controller
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-20441 MEDIUM This Month

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nexus Dashboard Nexus Dashboard Fabric Controller
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-20438 MEDIUM This Month

A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nexus Dashboard Nexus Dashboard Fabric Controller
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-20283 MEDIUM This Month

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn cluster deployment information on an affected device. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nexus Dashboard
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-20282 MEDIUM This Month

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nexus Dashboard
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2024-20281 HIGH This Week

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Nexus Dashboard Nexus Dashboard Fabric Controller Nexus Dashboard Insights +1
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-20053 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Nexus Dashboard
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-20014 HIGH This Week

A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nexus Dashboard
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-20913 MEDIUM This Month

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-20909 MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20908 MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20907 MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20906 MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20861 HIGH This Week

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass CSRF Cisco Nexus Dashboard
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-20860 HIGH This Week

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2022-20858 CRITICAL Act Now

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass CSRF Cisco Nexus Dashboard
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-20857 CRITICAL Act Now

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass CSRF Cisco Nexus Dashboard
NVD
CVSS 3.1
9.8
EPSS
1.4%
EPSS 0% CVSS 5.0
MEDIUM This Month

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nexus Dashboard
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nexus Dashboard
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Nexus Dashboard
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Man-in-the-middle vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) caused by insufficient SSH host key validation, allowing unauthenticated remote attackers to impersonate NDFC-managed devices and intercept SSH traffic. This vulnerability affects Cisco NDFC deployments and could lead to credential capture and device impersonation with a CVSS score of 8.7 (High). Without confirmed KEV status or public POC availability noted in standard databases, organizations should prioritize patching based on CVSS severity and the network-accessible nature of the vulnerability (AV:N).

Information Disclosure Cisco SSH +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to enumerate LDAP user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nexus Dashboard +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nexus Dashboard +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nexus Dashboard +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nexus Dashboard +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn cluster deployment information on an affected device. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nexus Dashboard
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nexus Dashboard
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Nexus Dashboard +3
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Nexus Dashboard
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nexus Dashboard
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass CSRF Cisco +1
NVD
EPSS 0% CVSS 7.4
HIGH This Week

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Cisco Nexus Dashboard
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass CSRF Cisco +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass CSRF Cisco +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy