Cisco Nexus Dashboard Privilege Escalation Vulnerabilities<p>Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device.</p>
<p>These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to <em>root </em>on an affected device.</p>
<p>Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.</p>
<p>This advisory is available at the following link:<br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndb-mprvesc-EMhDgXe5">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndb-mprvesc-EMhDgXe5</a></p>
Security Impact Rating: Medium
CVE: CVE-2022-20906,CVE-2022-20907,CVE-2022-20908,CVE-2022-20909
Source: Cisco Nexus Dashboard Privilege Escalation Vulnerabilities (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndb-mprvesc-EMhDgXe5?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%20Dashboard%20Privilege%20Escalation%20Vulnerabilities&vs_k=1)