Cisco has launched patches for a number of collection of Nexus switches to repair a vulnerability that would permit attackers to cover the execution of bash instructions on the underlying working system.
Though the flaw is rated with reasonable severity as a result of it requires administrative credentials to take advantage of, it has been exploited within the wild since April, displaying that attackers don’t goal simply crucial or high-risk flaws.
Tracked as CVE-2024-20399, the flaw is brought on by inadequate validation of arguments handed with configuration instructions to the command line interface of NX-OS software program that powers varied collection of Cisco switches: MDS 9000 Sequence Multilayer Switches, Nexus 3000 Sequence Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Sequence Switches, Nexus 7000 Sequence Switches and Nexus 9000 Sequence Switches in standalone NX-OS mode.
