Описание
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device.
This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device.
Уязвимые конфигурации
EPSS
6 Medium
CVSS3
Дефекты
Связанные уязвимости
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device.
Уязвимость платформы аналитики и автоматизации работы с многооблачными сетями дата-центров Cisco Nexus Dashboard, связанная с недостатками разграничения доступ, позволяющая нарушителю повысить свои привилегии до уровня root
EPSS
6 Medium
CVSS3