Cisco has launched patches for a number of sequence of Nexus switches to repair a vulnerability that might enable attackers to cover the execution of bash instructions on the underlying working system.
Though the flaw is rated with reasonable severity as a result of it requires administrative credentials to take advantage of, it has been exploited within the wild since April, displaying that attackers don’t goal simply crucial or high-risk flaws.
Tracked as CVE-2024-20399, the flaw is brought on by inadequate validation of arguments handed with configuration instructions to the command line interface of NX-OS software program that powers numerous sequence of Cisco switches: MDS 9000 Collection Multilayer Switches, Nexus 3000 Collection Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Collection Switches, Nexus 7000 Collection Switches and Nexus 9000 Collection Switches in standalone NX-OS mode.
