Skip to main content

Cisco NX-OS Remote Code Execution Vulnerability

Release Date: 5 Jul 2024 2999 Views

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability has been identified in Cisco NX-OS. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution .

 

Note:

The CVE-2024-20399 vulnerability is being exploited in the wild. This vulnerability could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.

To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials.


Impact

  • Remote Code Execution

System / Technologies affected

  • MDS 9000 Series Multilayer Switches
  • Nexus 3000 Series Switches
  • Nexus 5500 Platform Switches
  • Nexus 5600 Platform Switches 
  • Nexus 6000 Series Switches
  • Nexus 7000 Series Switches
  • Nexus 9000 Series Switches in standalone NX-OS mode

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link