CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jul 23, 2024
High
CISA KEVCVE-2024-20399
Cisco—NX-OS
Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device.
Required Action
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP; https://nvd.nist.gov/vuln/detail/CVE-2024-20399
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Jul 2, 2024
- KEV Added
- Jul 2, 2024
- Due Date
- Jul 23, 2024
- Related Articles
- 0
Vendor
Cisco
NX-OS