Information disclosure in Cisco Nexus Dashboard Insights (NDI)

#VU98018 Information disclosure in Cisco Nexus Dashboard Insights (NDI)

Published: 2024-10-03

Vulnerability identifier: #VU98018

Vulnerability risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-20491

CWE-ID: CWE-200

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Cisco Nexus Dashboard Insights (NDI)
Other software / Other software solutions

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to remote controller credentials are recorded in an internal log that is stored in the tech support file. A local attacker can view remote controller admin credentials in clear text.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco Nexus Dashboard Insights (NDI): 6.3 - 6.5

External links
http://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-idv-Bk8VqEDc

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cisco Nexus Dashboard Fabric Controller (NDFC), Cisco Nexus Dashboard Insights and Cisco Nexus Dashboard Orchestrator (NDO)