Nexus Dashboard

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-22	CVE-2022-20913	Improper Input Validation vulnerability in Cisco Nexus Dashboard A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. network low complexity cisco CWE-20	6.5
2022-07-21	CVE-2022-20857	Missing Authentication for Critical Function vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. network low complexity cisco CWE-306 critical	9.8
2022-07-21	CVE-2022-20858	Missing Authentication for Critical Function vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. network low complexity cisco CWE-306 critical	9.8
2022-07-21	CVE-2022-20860	Improper Certificate Validation vulnerability in Cisco Nexus Dashboard A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. network high complexity cisco CWE-295	7.4
2022-07-21	CVE-2022-20861	Cross-Site Request Forgery (CSRF) vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. network low complexity cisco CWE-352	8.8
2021-12-10	CVE-2021-44228	Deserialization of Untrusted Data vulnerability in multiple products Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity apache siemens intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple CWE-502 critical	10.0