Description

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypted backup files. An attacker with a valid backup file and encryption password from an affected device could decrypt the backup file. The attacker could then use the authentication details in the backup file to access internal-only APIs on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user.

INFO

Published Date :

2026-04-01T16:27:49.948Z

Last Modified :

2026-04-02T03:56:08.575Z

Source :

cisco
AFFECTED PRODUCTS

The following products are affected by CVE-2026-20042 vulnerability.

Vendors Products
Cisco
  • Nexus Dashboard
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-20042.

URL Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-cbid-5YqkOSHu cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact