CVE-2023-20115

Name of the Vulnerable Software and Affected Versions Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode (affected versions not specified)

Description A vulnerability in the SFTP server implementation could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. This issue is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this by connecting and authenticating via SFTP as a valid, non-administrator user, potentially allowing them to read or overwrite files with the privileges of the authenticated user.

Recommendations For Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode, consider applying the software updates released by Cisco to address this vulnerability. As a temporary workaround, there are workarounds available that address this vulnerability, which can be used until the software updates are applied. Restrict access to the SFTP server to minimize the risk of exploitation. At the moment, there is no information about specific versions that contain a fix for this vulnerability, but applying the latest software updates from Cisco should resolve the issue.