Multiple vulnerabilities in the REST APIs of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a limited set of network-admin functions on an affected device.
For more information about these vulnerabilities, see the Details section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-uaapi-Jh4V6zpN
Security Impact Rating: Medium
CVE: CVE-2024-20438,CVE-2024-20441,CVE-2024-20442,CVE-2024-20477
Source:: Cisco Security Advisories