Cisco has addressed a critical vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) that could allow an unauthenticated, remote attacker to read arbitrary files on affected devices. The vulnerability, tracked as CVE-2024-20348, lies in the Out-of-band (OOB) Plug and Play (PnP) feature of the Cisco Nexus Dashboard Fabric Controller.
The flaw stemmed from an unauthenticated provisioning web server: because the server required no authentication, an attacker could exploit it simply by sending web requests directly to it. Successful exploitation could let a threat actor read sensitive files within the PnP container and use that information to mount further attacks against the PnP infrastructure.
Cisco has released a security advisory addressing the vulnerability and assigned it a severity rating of 7.5 (High). The vulnerability affects NDFC Release 12.1.3b in its default configuration, and users of Cisco Nexus Dashboard are strongly advised to upgrade to the latest version to mitigate the risk of exploitation.
It’s worth noting that while the vulnerability poses a significant risk, there have been no reported instances of threat actors exploiting it in the wild. Nevertheless, proactive measures such as upgrading to the patched version are recommended to ensure network security.