Description

A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensitive information. This vulnerability is due to the improper storage of sensitive information within config only and full backup files. An attacker could exploit this vulnerability by parsing the contents of a backup file that is generated from an affected device. A successful exploit could allow the attacker to access sensitive information, including NDFC-connected device credentials, the NDFC site manager private key, and the scheduled backup file encryption key.

INFO

Published Date :

2024-10-02T16:54:17.748Z

Last Modified :

2024-10-02T17:26:28.808Z

Source :

cisco
AFFECTED PRODUCTS

The following products are affected by CVE-2024-20448 vulnerability.

Vendors Products
Cisco
  • Nexus Dashboard Fabric Controller
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-20448.

URL Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cidv-XvyX2wLj cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact