CVE-2024-20282 - Vulnerability Details - OpenCVE

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-04-03T16:20:33.850Z

Updated: 2024-08-27T13:39:11.505Z

Reserved: 2023-11-08T15:08:07.626Z

Link: CVE-2024-20282

Vulnrichment

Updated: 2024-08-01T21:59:41.778Z

NVD

Status : Awaiting Analysis

Published: 2024-04-03T17:15:47.950

Modified: 2024-11-21T08:52:13.210

Link: CVE-2024-20282

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20282", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.626Z", "datePublished": "2024-04-03T16:20:33.850Z", "dateUpdated": "2024-08-27T13:39:11.505Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-04-03T16:20:33.850Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device.\r\n\r This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device."}], "affected": [{"vendor": "Cisco", "product": "Cisco Nexus Dashboard", "versions": [{"version": "1.1(0c)", "status": "affected"}, {"version": "1.1(0d)", "status": "affected"}, {"version": "1.1(2h)", "status": "affected"}, {"version": "1.1(2i)", "status": "affected"}, {"version": "1.1(3c)", "status": "affected"}, {"version": "1.1(3d)", "status": "affected"}, {"version": "1.1(3e)", "status": "affected"}, {"version": "1.1(3f)", "status": "affected"}, {"version": "2.0(1b)", "status": "affected"}, {"version": "2.0(1d)", "status": "affected"}, {"version": "2.0(2g)", "status": "affected"}, {"version": "2.0(2h)", "status": "affected"}, {"version": "2.1(1d)", "status": "affected"}, {"version": "2.1(1e)", "status": "affected"}, {"version": "2.1(2d)", "status": "affected"}, {"version": "2.1(2f)", "status": "affected"}, {"version": "2.2(1e)", "status": "affected"}, {"version": "2.2(1h)", "status": "affected"}, {"version": "2.2(2d)", "status": "affected"}, {"version": "2.3(1c)", "status": "affected"}, {"version": "2.3(2b)", "status": "affected"}, {"version": "2.3(2c)", "status": "affected"}, {"version": "2.3(2d)", "status": "affected"}, {"version": "2.3(2e)", "status": "affected"}, {"version": "3.0(1f)", "status": "affected"}, {"version": "3.0(1i)", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Privilege Management", "type": "cwe", "cweId": "CWE-269"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH", "name": "cisco-sa-ndru-pesc-kZ2PQLZH"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "baseScore": 6, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-ndru-pesc-kZ2PQLZH", "discovery": "INTERNAL", "defects": ["CSCwh02726"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:59:41.778Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH", "name": "cisco-sa-ndru-pesc-kZ2PQLZH", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "cisco", "product": "nexus_dashboard", "cpes": ["cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.1(0c)", "status": "affected"}, {"version": "1.1(0d)", "status": "affected"}, {"version": "1.1(2h)", "status": "affected"}, {"version": "1.1(2i)", "status": "affected"}, {"version": "1.1(3c)", "status": "affected"}, {"version": "1.1(3d)", "status": "affected"}, {"version": "1.1(3e)", "status": "affected"}, {"version": "1.1(3f)", "status": "affected"}, {"version": "2.0(1b)", "status": "affected"}, {"version": "2.0(1d)", "status": "affected"}, {"version": "2.0(2g)", "status": "affected"}, {"version": "2.0(2h)", "status": "affected"}, {"version": "2.1(1d)", "status": "affected"}, {"version": "2.1(1e)", "status": "affected"}, {"version": "2.1(2d)", "status": "affected"}, {"version": "2.1(2f)", "status": "affected"}, {"version": "2.2(1e)", "status": "affected"}, {"version": "2.2(1h)", "status": "affected"}, {"version": "2.2(2d)", "status": "affected"}, {"version": "2.3(1c)", "status": "affected"}, {"version": "2.3(2b)", "status": "affected"}, {"version": "2.3(2c)", "status": "affected"}, {"version": "2.3(2d)", "status": "affected"}, {"version": "2.3(2e)", "status": "affected"}, {"version": "3.0(1f)", "status": "affected"}, {"version": "3.0(1i)", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-04-03T19:07:42.320022Z", "id": "CVE-2024-20282", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T13:39:11.505Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH", "name": "cisco-sa-ndru-pesc-kZ2PQLZH", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:59:41.778Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20282", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-03T19:07:42.320022Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "nexus_dashboard", "versions": [{"status": "affected", "version": "1.1(0c)"}, {"status": "affected", "version": "1.1(0d)"}, {"status": "affected", "version": "1.1(2h)"}, {"status": "affected", "version": "1.1(2i)"}, {"status": "affected", "version": "1.1(3c)"}, {"status": "affected", "version": "1.1(3d)"}, {"status": "affected", "version": "1.1(3e)"}, {"status": "affected", "version": "1.1(3f)"}, {"status": "affected", "version": "2.0(1b)"}, {"status": "affected", "version": "2.0(1d)"}, {"status": "affected", "version": "2.0(2g)"}, {"status": "affected", "version": "2.0(2h)"}, {"status": "affected", "version": "2.1(1d)"}, {"status": "affected", "version": "2.1(1e)"}, {"status": "affected", "version": "2.1(2d)"}, {"status": "affected", "version": "2.1(2f)"}, {"status": "affected", "version": "2.2(1e)"}, {"status": "affected", "version": "2.2(1h)"}, {"status": "affected", "version": "2.2(2d)"}, {"status": "affected", "version": "2.3(1c)"}, {"status": "affected", "version": "2.3(2b)"}, {"status": "affected", "version": "2.3(2c)"}, {"status": "affected", "version": "2.3(2d)"}, {"status": "affected", "version": "2.3(2e)"}, {"status": "affected", "version": "3.0(1f)"}, {"status": "affected", "version": "3.0(1i)"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T13:38:53.533Z"}}], "cna": {"source": {"defects": ["CSCwh02726"], "advisory": "cisco-sa-ndru-pesc-kZ2PQLZH", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Nexus Dashboard", "versions": [{"status": "affected", "version": "1.1(0c)"}, {"status": "affected", "version": "1.1(0d)"}, {"status": "affected", "version": "1.1(2h)"}, {"status": "affected", "version": "1.1(2i)"}, {"status": "affected", "version": "1.1(3c)"}, {"status": "affected", "version": "1.1(3d)"}, {"status": "affected", "version": "1.1(3e)"}, {"status": "affected", "version": "1.1(3f)"}, {"status": "affected", "version": "2.0(1b)"}, {"status": "affected", "version": "2.0(1d)"}, {"status": "affected", "version": "2.0(2g)"}, {"status": "affected", "version": "2.0(2h)"}, {"status": "affected", "version": "2.1(1d)"}, {"status": "affected", "version": "2.1(1e)"}, {"status": "affected", "version": "2.1(2d)"}, {"status": "affected", "version": "2.1(2f)"}, {"status": "affected", "version": "2.2(1e)"}, {"status": "affected", "version": "2.2(1h)"}, {"status": "affected", "version": "2.2(2d)"}, {"status": "affected", "version": "2.3(1c)"}, {"status": "affected", "version": "2.3(2b)"}, {"status": "affected", "version": "2.3(2c)"}, {"status": "affected", "version": "2.3(2d)"}, {"status": "affected", "version": "2.3(2e)"}, {"status": "affected", "version": "3.0(1f)"}, {"status": "affected", "version": "3.0(1i)"}]}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH", "name": "cisco-sa-ndru-pesc-kZ2PQLZH"}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device.\r\n\r This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-269", "description": "Improper Privilege Management"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-04-03T16:20:33.850Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20282", "state": "PUBLISHED", "dateUpdated": "2024-08-27T13:39:11.505Z", "dateReserved": "2023-11-08T15:08:07.626Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-04-03T16:20:33.850Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device.\r\n\r This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device."}, {"lang": "es", "value": "Una vulnerabilidad en Cisco Nexus Dashboard podr\u00eda permitir que un atacante local autenticado con credenciales v\u00e1lidas de usuario de rescate eleve los privilegios a root en un dispositivo afectado. Esta vulnerabilidad se debe a protecciones insuficientes para un token de acceso confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad utilizando este token para acceder a recursos dentro de la infraestructura del dispositivo. Un exploit exitoso podr\u00eda permitir a un atacante obtener acceso ra\u00edz al SYSTEM de archivos o a los contenedores alojados en un dispositivo afectado."}], "id": "CVE-2024-20282", "lastModified": "2024-11-21T08:52:13.210", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.2, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2024-04-03T17:15:47.950", "references": [{"source": "ykramarz@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}