{
  "document": {
    "acknowledgments": [
      {
        "summary": "This vulnerability was found during internal security testing by Nate Dunlap of the Cisco Advanced Security Initiatives Group (ASIG).\r\n\r\nCisco would also like to thank Deepanshu Chouhan and Jenis Modi of the Security Assurance Department, Rakuten Mobile Inc. for independently reporting this vulnerability."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "title": "Summary",
        "text": "A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device.\r\n\r\nThis vulnerability is due to improper user authorization and insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted commands to an affected REST API endpoint or through the web UI. A successful exploit could allow the attacker to execute arbitrary commands on the CLI of a Cisco NDFC-managed device with network-admin privileges.\r\n\r\nNote: This vulnerability does not affect Cisco NDFC when it is configured for storage area network (SAN) controller deployment.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
      },
      {
        "category": "general",
        "title": "Vulnerable Products",
        "text": "This vulnerability affects Cisco NDFC.\r\n\r\nNote: This vulnerability does not affect Cisco NDFC when it is configured for SAN controller deployment.\r\n\r\nNote: Cisco NDFC releases 11.5 and earlier were known as Cisco Data Center Network Manager (DCNM).\r\n\r\nFor information about which Cisco software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory."
      },
      {
        "category": "general",
        "title": "Products Confirmed Not Vulnerable",
        "text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n\r\nCisco has confirmed that this vulnerability does not affect the following Cisco products:\r\n\r\nNexus Dashboard Insights\r\nNexus Dashboard Orchestrator (NDO)"
      },
      {
        "category": "general",
        "title": "Workarounds",
        "text": "There are no workarounds that address this vulnerability."
      },
      {
        "category": "general",
        "title": "Fixed Software",
        "text": "Cisco considers any workarounds and mitigations (if applicable) to be temporary solutions until an upgrade to a fixed software release is available. To fully remediate this vulnerability and avoid future exposure as described in this advisory, Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory.\r\n\r\nFixed Releases\r\n\r\nIn the following table, the left column lists Cisco software releases. The right column indicates whether a release is affected by the vulnerability that is described in this advisory and the first release that includes the fix for this vulnerability. Customers are advised to upgrade to an appropriate fixed software release [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"] as indicated in this section.\r\n\r\nCisco NDFC Release | First Fixed Release\r\n11.5 and earlier | Migrate to a fixed release.\r\n12.0 | 12.2.2\r\n\r\nNote: Starting with Cisco Nexus Dashboard Release 3.1(1k), Cisco NDFC is distributed in Cisco Nexus Dashboard unified releases. Cisco Nexus Dashboard Release 3.2(1e) includes Cisco NDFC Release 12.2.2.\r\n\r\nThe Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory."
      },
      {
        "category": "general",
        "title": "Vulnerability Policy",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco."
      },
      {
        "category": "general",
        "title": "Exploitation and Public Announcements",
        "text": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
      },
      {
        "category": "general",
        "title": "Source",
        "text": "This vulnerability was found during internal security testing by Nate Dunlap of the Cisco Advanced Security Initiatives Group (ASIG).\r\n\r\nCisco would also like to thank Deepanshu Chouhan and Jenis Modi of the Security Assurance Department, Rakuten Mobile Inc. for independently reporting this vulnerability."
      },
      {
        "category": "legal_disclaimer",
        "title": "Legal Disclaimer",
        "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products."
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@cisco.com",
      "issuing_authority": "Cisco PSIRT",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cmdinj-UvYZrKfr"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "fixed software release",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
      },
      {
        "category": "external",
        "summary": "Security Vulnerability Policy",
        "url": "http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"
      }
    ],
    "title": "Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability",
    "tracking": {
      "current_release_date": "2026-03-31T18:47:53+00:00",
      "generator": {
        "date": "2026-03-31T18:47:58+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-ndfc-cmdinj-UvYZrKfr",
      "initial_release_date": "2024-10-02T16:00:00+00:00",
      "revision_history": [
        {
          "date": "2024-10-02T15:56:01+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        },
        {
          "date": "2026-03-31T18:47:53+00:00",
          "number": "1.1.0",
          "summary": "Updated information about Release 11.5 (DCNM). Updated source information."
        }
      ],
      "status": "final",
      "version": "1.1.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "name": "Cisco",
        "category": "vendor",
        "branches": [
          {
            "name": "Cisco Data Center Network Manager",
            "category": "product_family",
            "product": {
              "name": "Cisco Data Center Network Manager",
              "product_id": "CSAFPID-233075"
            }
          }
        ]
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-20432",
      "ids": [
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwj10299"
        }
      ],
      "notes": [
        {
          "category": "other",
          "title": "Affected Product Comprehensiveness",
          "text": "Complete."
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-233075"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Cisco has released software updates that address this vulnerability.",
          "product_ids": [
            "CSAFPID-233075"
          ],
          "url": "https://software.cisco.com"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-233075"
          ]
        }
      ],
      "title": "Cisco Nexus Dashboard Fabric Controller Web UI Command Injection Vulnerability"
    }
  ]
}