Cisco NX-OS Remote Code Execution Vulnerability

Release Date: 5 Jul 2024 3176 Views

RISK: High Risk

High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability has been identified in Cisco NX-OS. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution .

 

Note:

The CVE-2024-20399 vulnerability is being exploited in the wild. This vulnerability could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.

To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials.

Impact

  • Remote Code Execution

System / Technologies affected

  • MDS 9000 Series Multilayer Switches
  • Nexus 3000 Series Switches
  • Nexus 5500 Platform Switches
  • Nexus 5600 Platform Switches 
  • Nexus 6000 Series Switches
  • Nexus 7000 Series Switches
  • Nexus 9000 Series Switches in standalone NX-OS mode

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

Related Tags

CiscoRemote Code ExecutionExploit In The Wild

Share with

Previous

OpenSSH Remote Code Execution Vulnerability

2 Jul 2024 4072 Views

Next

Apache Tomcat Denial of Service Vulnerability

5 Jul 2024 3226 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY