- Cisco has introduced many new patches for its Nexus Dashboard and some Small Business RV Series routers.
- Nexus Dashboard alone has 3 high severity vulnerabilities alongside one critical; allowing remote attackers to execute arbitrary code.
- The vulnerabilities have not been exploited by hackers yet; admins should apply the patches as soon as possible.
Cisco‘s Nexus Dashboard, which is used for managing cloud operations, including changing nodes, pods, and backup-restore features, has received patches for its existing vulnerabilities. Those patches fix 45 vulnerabilities in Cisco Nexus Dashboard and some routers; four of them are high and critical-rated ones.
One critical, three high severity flaws
Those vulnerabilities can allow remote attackers to execute arbitrary commands, read or upload container image files, and deploy cross-site request forgery attacks. One particular vulnerability, which can be tracked as CVE-2022-20857, has a CVSS score of 9.8, which means it is a critical vulnerability. This flaw allows unauthenticated remote attackers to access a specific API that runs in the data network, eventually allowing them to execute arbitrary commands on devices. The reason behind this flaw is insufficient access controls for a specific API.
CVE-2022-20861 vulnerability, which has a CVSS score of 8.8, allows attackers to deploy a cross-site request forgery (CSRF) attack; it is caused by insufficient CSRF protections for the web UI. The CVE-2022-20858 vulnerability has a CVSS score of 8.2; it allows remote attackers to access a service running in the data and management networks. This flaw is caused by insufficient access controls for a service that manages container images.
The final high-severity vulnerability on Nexus Dashboard, CVE-2022-20860, has a severity score of 7.4. This vulnerability exists on SSL certificate validation on Nexus Dashboard, allowing remote attackers to alter communications with associated controllers as well as view sensitive information. Several medium-severity vulnerabilities that affect specific Cisco Small Business RV Series network devices have been patched as well. You can see the affected devices below:
- RV110W Wireless-N VPN Firewall
- RV130 VPN Router
- RV130W Wireless-N Multifunction VPN Router
- RV215W Wireless-N VPN Router
According to Cisco, none of those vulnerabilities has been exploited by any attackers yet. But admins should immediately apply the related patches in order to secure their systems against possible attacks.