CVE-2020-3597

Name of the Vulnerable Software and Affected Versions Cisco Nexus Data Broker (affected versions not specified)

Description The issue is related to insufficient validation of configuration backup files in the configuration restore feature. This could allow a remote attacker to perform a directory traversal attack, potentially overwriting arbitrary files accessible through the affected software. The attacker could exploit this by persuading an administrator to restore a crafted configuration backup file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.