Description
A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system.

This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this vulnerability by crafting a metadata update file and manually uploading it to an affected device. A successful exploit could allow the attacker to write arbitrary files to the underlying operating system as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.
Note: Manual uploading of metadata files is typical for Air-Gap environments but not for Cisco Intersight Cloud connected devices. However, the manual upload option exists for both deployments.
Published: 2026-04-01
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote arbitrary file write with root privileges
Action: Apply Patch
AI Analysis

Impact

A Cisco Nexus Dashboard Insights vulnerability allows an authenticated, remote attacker who possesses valid administrative credentials to craft and upload a modified metadata file, leading to arbitrary file writes on the device’s underlying operating system as the root user. This weakness falls under the file path traversal category and enables the attacker to modify system files, potentially compromising confidentiality, integrity, or availability of the affected system.

Affected Systems

Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights are the impacted products. The exact affected software versions are not listed in the advisory, but the flaw exists in any deployment that supports the metadata update feature, including both air‑gap and cloud‑connected environments.

Risk and Exploitability

The CVSS score is 4.9, indicating moderate severity. EPSS information is not available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires authenticated remote access; an attacker would need legitimate administrative credentials. The likely attack vector is remote, authenticated file upload. Due to the requirement for credentials, the risk to systems with strong access controls is lower, but not negligible if administrative credentials are compromised.

Generated by OpenCVE AI on April 2, 2026 at 02:43 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the software update or patch for Cisco Nexus Dashboard Insights referenced in the Cisco security advisory.
  • If a patch is not yet available, disable the manual metadata upload capability in device configuration to prevent file writes.
  • Monitor device logs for any unauthorized metadata upload attempts and investigate promptly.
  • Enforce strict access controls on administrative credentials, using least privilege and multi‑factor authentication to reduce the chance of credential compromise.

Generated by OpenCVE AI on April 2, 2026 at 02:43 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Cisco
Cisco nexus Dashboard
Cisco nexus Dashboard Insights
Vendors & Products Cisco
Cisco nexus Dashboard
Cisco nexus Dashboard Insights

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this vulnerability by crafting a metadata update file and manually uploading it to an affected device. A successful exploit could allow the attacker to write arbitrary files to the underlying operating system as the&nbsp;root user. To exploit this vulnerability, the attacker must have valid administrative credentials. Note: Manual uploading of metadata files is typical for Air-Gap environments but not for Cisco Intersight Cloud connected devices. However, the manual upload option exists for both deployments.
Title Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Cisco Nexus Dashboard Nexus Dashboard Insights
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-04-01T18:09:37.371Z

Reserved: 2025-10-08T11:59:15.392Z

Link: CVE-2026-20174

cve-icon Vulnrichment

Updated: 2026-04-01T18:09:31.551Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-01T17:28:31.937

Modified: 2026-04-03T16:11:11.357

Link: CVE-2026-20174

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T08:58:27Z

Weaknesses