A Konica Minolta Company
Posted by Matt Weber - July 25, 2022 - Vulnerability, Cisco
Cisco announced several critical vulnerabilities for the Cisco Nexus Dashboard that could allow a remote unauthenticated attacker to run arbitrary commands, read image files, or run cross-site forgery attacks. Specifics of the vulnerabilities can be found here, and below is a brief description of each:
CVE-2022-20857: Arbitrary Command Execution
CVE-2022-20861: Cross-Site Request Forgery
CVE-2022-20858: Container Image Read and Write
There are no known exploits in the wild; however, due to the criticality of the vulnerabilities, affected Cisco Nexus customers should assess their hardware and determine best upgrade paths for their environment and Cisco contract entitlements.
If you have Cisco Nexus equipment in your environment and would like assistance with assessing exposure or best go forward plan, please reach out to your SymQuest Account Executive.
by Eric Bronson - October 26, 2023
A critical vulnerability was recently disclosed that affects VMware's vCenter Server and Cloud Foundation. The consequences of this vulnerability may...
by Eric Bronson - October 18, 2023
A critical vulnerability was recently disclosed that affects Cisco IOS XE products. The consequences of this vulnerability may result in a remote,...
by Matt Weber - October 06, 2023
A critical vulnerability was recently disclosed that affects WebP, an image file format commonly used in web browsers. The consequences of this...
Stay in the know and receive a notification right to your inbox when a security message is posted.
Subscribe