CVE-2024-20448

Name of the Vulnerable Software and Affected Versions Cisco Nexus Dashboard Fabric Controller (NDFC) (affected versions not specified)

Description The issue is related to the improper storage of sensitive information within backup files, allowing an attacker with access to these files to view protected data. This could include NDFC-connected device credentials, the NDFC site manager private key, and the scheduled backup file encryption key. An attacker could exploit this by parsing the contents of a backup file generated from an affected device, potentially accessing sensitive information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.