Command Injection in Cisco NDFC REST API
CVE-2024-20444 Published on October 2, 2024

Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability
A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to perform a command injection attack against an affected device.   This vulnerability is due to insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted command arguments to a specific REST API endpoint. A successful exploit could allow the attacker to overwrite sensitive files or crash a specific container, which would restart on its own, causing a low-impact denial of service (DoS) condition.

NVD

Vulnerability Analysis

CVE-2024-20444 is exploitable with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and a small impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

HIGH

Availability Impact:

LOW

Weakness Type

What is an Argument Injection Vulnerability?

The software constructs a string for a command to executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

CVE-2024-20444 has been classified to as an Argument Injection vulnerability or weakness.

Products Associated with CVE-2024-20444

Want to know whenever a new CVE is published for Cisco Nexus Dashboard Fabric Controller? stack.watch will email you.

Cisco Nexus Dashboard Fabric Controller

Affected Versions

Cisco Data Center Network Manager:

Version 11.2(1) is affected.
Version 7.0(2) is affected.
Version 10.3(2)IPFM is affected.
Version 10.1(1) is affected.
Version 7.2(3) is affected.
Version 7.2(2) is affected.
Version 7.2(1) is affected.
Version 11.0(1) is affected.
Version 10.4(1) is affected.
Version 10.2(1) is affected.
Version 7.2(2a) is affected.
Version 10.1(2) is affected.
Version 7.1(1) is affected.
Version 12.1(1) is affected.
Version 11.1(1) is affected.
Version 10.3(1) is affected.
Version 10.3(1)R(1) is affected.
Version 7.0(1) is affected.
Version 10.0(1) is affected.
Version 7.1(2) is affected.
Version 11.4(1) is affected.
Version 10.4(2) is affected.
Version 11.3(1) is affected.
Version 11.5(1) is affected.
Version 11.5(2) is affected.
Version 11.5(3) is affected.
Version 12.0.1a is affected.
Version 11.5(3a) is affected.
Version 12.0.2d is affected.
Version 12.0.2f is affected.
Version 11.5(4) is affected.
Version 12.1.1 is affected.
Version 12.1.1e is affected.
Version 12.1.1p is affected.
Version 12.1.2e is affected.
Version 12.1.2p is affected.
Version 12.1.3b is affected.
Version 12.2.1 is affected.

cisco data_center_network_manager:

Version 11.2(1) is affected.
Version 7.0(2) is affected.
Version 10.3(2)IPFM is affected.
Version 10.1(1) is affected.
Version 7.2(3) is affected.
Version 7.2(2) is affected.
Version 7.2(1) is affected.
Version 11.0(1) is affected.
Version 10.4(1) is affected.
Version 10.2(1) is affected.
Version 7.2(2a) is affected.
Version 10.1(2) is affected.
Version 7.1(1) is affected.
Version 12.1(1) is affected.
Version 11.1(1) is affected.
Version 10.3(1) is affected.
Version 10.3(1)R(1) is affected.
Version 7.0(1) is affected.
Version 10.0(1) is affected.
Version 7.1(2) is affected.
Version 11.4(1) is affected.
Version 10.4(2) is affected.
Version 11.3(1) is affected.
Version 11.5(1) is affected.
Version 11.5(2) is affected.
Version 11.5(3) is affected.
Version 12.0.1a is affected.
Version 11.5(3a) is affected.
Version 12.0.2d is affected.
Version 12.0.2f is affected.
Version 11.5(4) is affected.
Version 12.1.1 is affected.
Version 12.1.1e is affected.
Version 12.1.1p is affected.
Version 12.1.2e is affected.
Version 12.1.2p is affected.
Version 12.1.3b is affected.
Version 12.2.1 is affected.

Exploit Probability

EPSS

0.27%

Percentile

50.25%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.