CVE-2024-20438
Published: 02 October 2024
Summary
CVE-2024-20438 is a medium-severity Protection Mechanism Failure (CWE-693) vulnerability in Cisco Nexus Dashboard. Its CVSS base score is 6.3 (Medium).
Operationally, it ranks at the 34.4th percentile for exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-18153
Vulnerability details
A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited network-admin functions such as reading device configuration information, uploading files, and modifying uploaded files. Note: This vulnerability only affects a subset of REST API endpoints and does not affect the web-based management interface.
- CWE(s): CWE-693 (Protection Mechanism Failure)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls (AI)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Always invoking the reference monitor prevents missing authorization checks for protected resources.
- Direct evaluation of whether controls produce the desired security outcomes detects protection mechanism failures and enables remediation.
- Verification that authorization checks are present and operational for protected resources is required.
- Checking that all potentially impacted controls still function properly after maintenance detects and mitigates protection mechanism failures introduced during that process.
- Tailoring ensures the authorization baseline is scoped and augmented so that missing authorization checks are identified and addressed for the target system.
- When assessments or monitoring reveal that protection mechanisms are ineffective or bypassed, the required risk-response action directly restores or strengthens those mechanisms.
- Requiring an access control policy ensures authorization checks are defined and applied for critical functions.
- Reviews of access controls detect missing authorization checks on critical functions or resources.