cvelistv5 - CVE-2024-20444

CVE-2024-20444

Vulnerability from cvelistv5

Published
2024-10-02 16:54
Modified
2024-10-02 19:45
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
Summary
Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability
References
▼	URL	Tags
	ykramarz@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-raci-T46k3jnN	Vendor Advisory
Impacted products
▼	Vendor	Product
	Cisco	Cisco Data Center Network Manager
Show details on NVD website
JSON
To clipboard
{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "data_center_network_manager",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "11.2(1)"
              },
              {
                "status": "affected",
                "version": "7.0(2)"
              },
              {
                "status": "affected",
                "version": "10.3(2)IPFM"
              },
              {
                "status": "affected",
                "version": "10.1(1)"
              },
              {
                "status": "affected",
                "version": "7.2(3)"
              },
              {
                "status": "affected",
                "version": "7.2(2)"
              },
              {
                "status": "affected",
                "version": "7.2(1)"
              },
              {
                "status": "affected",
                "version": "11.0(1)"
              },
              {
                "status": "affected",
                "version": "10.4(1)"
              },
              {
                "status": "affected",
                "version": "10.2(1)"
              },
              {
                "status": "affected",
                "version": "7.2(2a)"
              },
              {
                "status": "affected",
                "version": "10.1(2)"
              },
              {
                "status": "affected",
                "version": "7.1(1)"
              },
              {
                "status": "affected",
                "version": "12.1(1)"
              },
              {
                "status": "affected",
                "version": "11.1(1)"
              },
              {
                "status": "affected",
                "version": "10.3(1)"
              },
              {
                "status": "affected",
                "version": "10.3(1)R(1)"
              },
              {
                "status": "affected",
                "version": "7.0(1)"
              },
              {
                "status": "affected",
                "version": "10.0(1)"
              },
              {
                "status": "affected",
                "version": "7.1(2)"
              },
              {
                "status": "affected",
                "version": "11.4(1)"
              },
              {
                "status": "affected",
                "version": "10.4(2)"
              },
              {
                "status": "affected",
                "version": "11.3(1)"
              },
              {
                "status": "affected",
                "version": "11.5(1)"
              },
              {
                "status": "affected",
                "version": "11.5(2)"
              },
              {
                "status": "affected",
                "version": "11.5(3)"
              },
              {
                "status": "affected",
                "version": "12.0.1a"
              },
              {
                "status": "affected",
                "version": "11.5(3a)"
              },
              {
                "status": "affected",
                "version": "12.0.2d"
              },
              {
                "status": "affected",
                "version": "12.0.2f"
              },
              {
                "status": "affected",
                "version": "11.5(4)"
              },
              {
                "status": "affected",
                "version": "12.1.1"
              },
              {
                "status": "affected",
                "version": "12.1.1e"
              },
              {
                "status": "affected",
                "version": "12.1.1p"
              },
              {
                "status": "affected",
                "version": "12.1.2e"
              },
              {
                "status": "affected",
                "version": "12.1.2p"
              },
              {
                "status": "affected",
                "version": "12.1.3b"
              },
              {
                "status": "affected",
                "version": "12.2.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20444",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T19:29:46.344080Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T19:45:29.694Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Data Center Network Manager",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "11.2(1)"
            },
            {
              "status": "affected",
              "version": "7.0(2)"
            },
            {
              "status": "affected",
              "version": "10.3(2)IPFM"
            },
            {
              "status": "affected",
              "version": "10.1(1)"
            },
            {
              "status": "affected",
              "version": "7.2(3)"
            },
            {
              "status": "affected",
              "version": "7.2(2)"
            },
            {
              "status": "affected",
              "version": "7.2(1)"
            },
            {
              "status": "affected",
              "version": "11.0(1)"
            },
            {
              "status": "affected",
              "version": "10.4(1)"
            },
            {
              "status": "affected",
              "version": "10.2(1)"
            },
            {
              "status": "affected",
              "version": "7.2(2a)"
            },
            {
              "status": "affected",
              "version": "10.1(2)"
            },
            {
              "status": "affected",
              "version": "7.1(1)"
            },
            {
              "status": "affected",
              "version": "12.1(1)"
            },
            {
              "status": "affected",
              "version": "11.1(1)"
            },
            {
              "status": "affected",
              "version": "10.3(1)"
            },
            {
              "status": "affected",
              "version": "10.3(1)R(1)"
            },
            {
              "status": "affected",
              "version": "7.0(1)"
            },
            {
              "status": "affected",
              "version": "10.0(1)"
            },
            {
              "status": "affected",
              "version": "7.1(2)"
            },
            {
              "status": "affected",
              "version": "11.4(1)"
            },
            {
              "status": "affected",
              "version": "10.4(2)"
            },
            {
              "status": "affected",
              "version": "11.3(1)"
            },
            {
              "status": "affected",
              "version": "11.5(1)"
            },
            {
              "status": "affected",
              "version": "11.5(2)"
            },
            {
              "status": "affected",
              "version": "11.5(3)"
            },
            {
              "status": "affected",
              "version": "12.0.1a"
            },
            {
              "status": "affected",
              "version": "11.5(3a)"
            },
            {
              "status": "affected",
              "version": "12.0.2d"
            },
            {
              "status": "affected",
              "version": "12.0.2f"
            },
            {
              "status": "affected",
              "version": "11.5(4)"
            },
            {
              "status": "affected",
              "version": "12.1.1"
            },
            {
              "status": "affected",
              "version": "12.1.1e"
            },
            {
              "status": "affected",
              "version": "12.1.1p"
            },
            {
              "status": "affected",
              "version": "12.1.2e"
            },
            {
              "status": "affected",
              "version": "12.1.2p"
            },
            {
              "status": "affected",
              "version": "12.1.3b"
            },
            {
              "status": "affected",
              "version": "12.2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to perform a command injection attack against an affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted command arguments to a specific REST API endpoint. A successful exploit could allow the attacker to overwrite sensitive files or crash a specific container, which would restart on its own, causing a low-impact denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-88",
              "description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-02T16:54:09.855Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ndfc-raci-T46k3jnN",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-raci-T46k3jnN"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ndfc-raci-T46k3jnN",
        "defects": [
          "CSCwj55173"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20444",
    "datePublished": "2024-10-02T16:54:09.855Z",
    "dateReserved": "2023-11-08T15:08:07.677Z",
    "dateUpdated": "2024-10-02T19:45:29.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-20444\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2024-10-02T17:15:16.390\",\"lastModified\":\"2024-10-08T15:26:38.527\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to perform a command injection attack against an affected device.\\r\\n\u0026nbsp;\\r\\nThis vulnerability is due to insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted command arguments to a specific REST API endpoint. A successful exploit could allow the attacker to overwrite sensitive files or crash a specific container, which would restart on its own, causing a low-impact denial of service (DoS) condition.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en Cisco Nexus Dashboard Fabric Controller (NDFC), anteriormente Cisco Data Center Network Manager (DCNM), podr\u00eda permitir que un atacante remoto autenticado con privilegios de administrador de red realice un ataque de inyecci\u00f3n de comandos contra un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos de los comandos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando argumentos de comandos manipulados a un endpoint de API REST espec\u00edfico. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos confidenciales o bloquear un contenedor espec\u00edfico, que se reiniciar\u00eda por s\u00ed solo, lo que provocar\u00eda una condici\u00f3n de denegaci\u00f3n de servicio (DoS) de bajo impacto.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.2,\"impactScore\":4.2},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.2,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-88\"}]},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-88\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:nexus_dashboard_fabric_controller:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.2.2\",\"matchCriteriaId\":\"9E78B4AC-793B-4405-896F-31398AF7CBD2\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-raci-T46k3jnN\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}
Action not permitted

CVE-2024-20444

Vulnerability from cvelistv5

ghsa-rvwm-3c9j-xm8h

Vulnerability from github

gsd-2024-20444

Vulnerability from gsd

cisco-sa-ndfc-raci-t46k3jnn

Vulnerability from csaf_cisco

Tags
