exploitDog

GHSA-fxf5-95g5-f94p

Опубликовано: 23 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator credentials could exploit this vulnerability by uploading a crafted file. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device.

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator credentials could exploit this vulnerability by uploading a crafted file. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device.

Ссылки

EPSS

Процентиль: 32%

0.00125

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2022-20913

CVSS3: 4.9

nvd

больше 3 лет назад

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator credentials could exploit this vulnerability by uploading a crafted file. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device.

BDU:2022-05611

CVSS3: 4.9

fstec

больше 3 лет назад

Уязвимость интерфейса командной строки (CLI) платформы аналитики и автоматизации работы с многооблачными сетями дата-центров Cisco Nexus Dashboard, позволяющая нарушителю перезаписать произвольные файлы

EPSS

Процентиль: 32%

0.00125

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-20