{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T17:13:57.343","vulnerabilities":[{"cve":{"id":"CVE-2024-20491","sourceIdentifier":"psirt@cisco.com","published":"2024-10-02T17:15:17.563","lastModified":"2024-10-08T15:55:08.933","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information.\r\n\r\nThis vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file. An attacker could exploit this vulnerability by accessing a tech support file that is generated from an affected system. A successful exploit could allow the attacker to view remote controller admin credentials in clear text.\r\nNote: Best practice is to store debug logs and tech support files safely and to share them only with trusted parties because they may contain sensitive information."},{"lang":"es","value":"Una vulnerabilidad en una función de registro de Cisco Nexus Dashboard Insights podría permitir que un atacante con acceso a un archivo de soporte técnico vea información confidencial. Esta vulnerabilidad existe porque las credenciales del controlador remoto se registran en un registro interno que se almacena en el archivo de soporte técnico. Un atacante podría aprovechar esta vulnerabilidad accediendo a un archivo de soporte técnico que se genera desde un sistema afectado. Una explotación exitosa podría permitir que el atacante vea las credenciales de administrador del controlador remoto en texto plano. Nota: La práctica recomendada es almacenar los registros de depuración y los archivos de soporte técnico de forma segura y compartirlos solo con partes de confianza porque pueden contener información confidencial."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:nexus_dashboard_fabric_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.2.2.241","matchCriteriaId":"6641D0DD-C16A-40E9-B30E-A1827333026C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:nexus_dashboard_insights:*:*:*:*:*:*:*:*","versionEndExcluding":"6.4.0","matchCriteriaId":"E263CD38-1453-4C37-8F72-F3CEBF74B18D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:nexus_dashboard_insights:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.0","versionEndExcluding":"6.5.1.32","matchCriteriaId":"FBA8D1B4-0D0D-4221-9CFC-9D28BB3952F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:nexus_dashboard_orchestrator:*:*:*:*:*:*:*:*","versionEndExcluding":"4.2\\(3o\\)","matchCriteriaId":"7FF72593-7A82-48A4-B3C7-1B12EFDC44A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:nexus_dashboard_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.1.1012","matchCriteriaId":"EB6CF0D7-782B-4B66-9BEA-67A7D3592CCB"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndhs-idv-Bk8VqEDc","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}}]}