A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device.
This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2024-04-03T16:20:33.850Z
Updated: 2024-08-27T13:39:11.505Z
Reserved: 2023-11-08T15:08:07.626Z
Link: CVE-2024-20282
Vulnrichment
Updated: 2024-08-01T21:59:41.778Z
NVD
Status : Awaiting Analysis
Published: 2024-04-03T17:15:47.950
Modified: 2024-04-03T17:24:18.150
Link: CVE-2024-20282
Redhat
No data.