CNNVD-202508-3208 Information
CNNVD ID
CNNVD-202508-3208
Related CVE
- CNNVD Published: 2025-08-27
Description (Chinese)
Cisco Nexus Dashboard和Cisco Nexus Dashboard Fabric Controller都是美国思科(Cisco)公司的产品。Cisco Nexus Dashboard是一个单一控制台。能够简化数据中心网络的运营和管理。Cisco Nexus Dashboard Fabric Controller是一种用于管理 Cisco NX-OS 部署的综合网络管理平台,适用于数据中心的 LAN、SAN 和 IP Fabric for Media (IPFM) 网络 。 Cisco Nexus Dashboard和Cisco Nexus Dashboard Fabric Controller存在安全漏洞,该漏洞源于REST API端点授权控制缺失,可能导致敏感信息泄露或文件操作。
Description (English)
Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller are products of Cisco. Cisco Nexus Dashboard is a single console. The operation and management of the data centre network could be streamlined. Cisco Nexus Dashboard Fabric Controller is an integrated network management platform for the management of Cisco NX-OS deployments, which applies to the LAN, SAN and IP Fabric for Media (IPFM) networks for data centres. Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller had a security loophole, which stemmed from the absence of RRT API endpoint authorization controls, which could lead to sensitive information leaks or file operations.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Citadel
Published
2025-08-27
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nshs-urapi-gJuBVFpu https://nvd.nist.gov/vuln/detail/CVE-2025-20348