CVE-2022-20860

{"id": "CVE-2022-20860", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}]}, "published": "2022-07-21T04:15:10.417", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-tlsvld-TbAQLp3N", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-295"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not validated when Cisco Nexus Dashboard is establishing a connection to Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud APIC, or Cisco Nexus Dashboard Fabric Controller, formerly Data Center Network Manager (DCNM) controllers. An attacker could exploit this vulnerability by using man-in-the-middle techniques to intercept the traffic between the affected device and the controllers, and then using a crafted certificate to impersonate the controllers. A successful exploit could allow the attacker to alter communications between devices or view sensitive information, including Administrator credentials for these controllers."}, {"lang": "es", "value": "Una vulnerabilidad en la implementaci\u00f3n de SSL/TLS de Cisco Nexus Dashboard podr\u00eda permitir a un atacante remoto no autenticado alterar las comunicaciones con los controladores asociados o visualizar informaci\u00f3n confidencial. Esta vulnerabilidad se presenta porque los certificados de servidor SSL no son comprobados cuando Cisco Nexus Dashboard establece una conexi\u00f3n con Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud APIC o Cisco Nexus Dashboard Fabric Controller, anteriormente controladores Data Center Network Manager (DCNM). Un atacante podr\u00eda explotar esta vulnerabilidad al usar t\u00e9cnicas de tipo man-in-the-middle para interceptar el tr\u00e1fico entre el dispositivo afectado y los controladores, y luego usar un certificado dise\u00f1ado para hacerse pasar por los controladores. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante alterar las comunicaciones entre los dispositivos o visualizar informaci\u00f3n confidencial, incluyendo las credenciales de administrador de estos controladores"}], "lastModified": "2023-11-07T03:43:08.823", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B05301D0-5BFC-4BA1-8A14-0ED029CEF6EE", "versionEndExcluding": "2.2\\(1h\\)", "versionStartIncluding": "1.1"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}