{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20174", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2025-10-08T11:59:15.392Z", "datePublished": "2026-04-01T16:29:22.721Z", "dateUpdated": "2026-04-01T18:09:37.371Z"}, "containers": {"cna": {"title": "Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system.\r\n\r\nThis vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this vulnerability by crafting a metadata update file and manually uploading it to an affected device. A successful exploit could allow the attacker to write arbitrary files to the underlying operating system as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\nNote: Manual uploading of metadata files is typical for Air-Gap environments but not for Cisco Intersight Cloud connected devices. However, the manual upload option exists for both deployments."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndi-afw-rJuRC5dZ", "name": "cisco-sa-ndi-afw-rJuRC5dZ"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-ndi-afw-rJuRC5dZ", "discovery": "INTERNAL", "defects": ["CSCws40848"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "cwe", "cweId": "CWE-22"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Nexus Dashboard", "versions": [{"version": "3.1(1k)", "status": "affected"}, {"version": "3.1(1l)", "status": "affected"}, {"version": "3.2(1e)", "status": "affected"}, {"version": "3.2(1i)", "status": "affected"}, {"version": "3.3(1a)", "status": "affected"}, {"version": "3.3(1b)", "status": "affected"}, {"version": "3.3(2b)", "status": "affected"}, {"version": "4.0(1i)", "status": "affected"}, {"version": "3.3(2g)", "status": "affected"}, {"version": "3.2(2f)", "status": "affected"}, {"version": "3.2(2g)", "status": "affected"}, {"version": "3.2(2m)", "status": "affected"}, {"version": "3.1(1n)", "status": "affected"}, {"version": "4.1(1g)", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Nexus Dashboard Insights", "versions": [{"version": "2.2.2.125", "status": "affected"}, {"version": "2.2.2.126", "status": "affected"}, {"version": "5.0.1.150", "status": "affected"}, {"version": "5.0.1.154", "status": "affected"}, {"version": "5.1.0.131", "status": "affected"}, {"version": "5.1.0.135", "status": "affected"}, {"version": "6.0.1", "status": "affected"}, {"version": "6.0.2", "status": "affected"}, {"version": "6.1.1", "status": "affected"}, {"version": "6.1.2", "status": "affected"}, {"version": "6.1.3", "status": "affected"}, {"version": "6.2.1", "status": "affected"}, {"version": "6.2.2", "status": "affected"}, {"version": "6.3.1", "status": "affected"}, {"version": "6.4.1", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-01T16:29:22.721Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T18:09:26.289152Z", "id": "CVE-2026-20174", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:09:37.371Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20174", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T18:09:26.289152Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:09:31.551Z"}}], "cna": {"title": "Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability", "source": {"defects": ["CSCws40848"], "advisory": "cisco-sa-ndi-afw-rJuRC5dZ", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Nexus Dashboard", "versions": [{"status": "affected", "version": "3.1(1k)"}, {"status": "affected", "version": "3.1(1l)"}, {"status": "affected", "version": "3.2(1e)"}, {"status": "affected", "version": "3.2(1i)"}, {"status": "affected", "version": "3.3(1a)"}, {"status": "affected", "version": "3.3(1b)"}, {"status": "affected", "version": "3.3(2b)"}, {"status": "affected", "version": "4.0(1i)"}, {"status": "affected", "version": "3.3(2g)"}, {"status": "affected", "version": "3.2(2f)"}, {"status": "affected", "version": "3.2(2g)"}, {"status": "affected", "version": "3.2(2m)"}, {"status": "affected", "version": "3.1(1n)"}, {"status": "affected", "version": "4.1(1g)"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Nexus Dashboard Insights", "versions": [{"status": "affected", "version": "2.2.2.125"}, {"status": "affected", "version": "2.2.2.126"}, {"status": "affected", "version": "5.0.1.150"}, {"status": "affected", "version": "5.0.1.154"}, {"status": "affected", "version": "5.1.0.131"}, {"status": "affected", "version": "5.1.0.135"}, {"status": "affected", "version": "6.0.1"}, {"status": "affected", "version": "6.0.2"}, {"status": "affected", "version": "6.1.1"}, {"status": "affected", "version": "6.1.2"}, {"status": "affected", "version": "6.1.3"}, {"status": "affected", "version": "6.2.1"}, {"status": "affected", "version": "6.2.2"}, {"status": "affected", "version": "6.3.1"}, {"status": "affected", "version": "6.4.1"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndi-afw-rJuRC5dZ", "name": "cisco-sa-ndi-afw-rJuRC5dZ"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system.\r\n\r\nThis vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this vulnerability by crafting a metadata update file and manually uploading it to an affected device. A successful exploit could allow the attacker to write arbitrary files to the underlying operating system as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\nNote: Manual uploading of metadata files is typical for Air-Gap environments but not for Cisco Intersight Cloud connected devices. However, the manual upload option exists for both deployments."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-01T16:29:22.721Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20174", "state": "PUBLISHED", "dateUpdated": "2026-04-01T18:09:37.371Z", "dateReserved": "2025-10-08T11:59:15.392Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2026-04-01T16:29:22.721Z", "assignerShortName": "cisco"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system.\r\n\r\nThis vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this vulnerability by crafting a metadata update file and manually uploading it to an affected device. A successful exploit could allow the attacker to write arbitrary files to the underlying operating system as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\nNote: Manual uploading of metadata files is typical for Air-Gap environments but not for Cisco Intersight Cloud connected devices. However, the manual upload option exists for both deployments."}], "id": "CVE-2026-20174", "lastModified": "2026-04-03T16:11:11.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "psirt@cisco.com", "type": "Primary"}]}, "published": "2026-04-01T17:28:31.937", "references": [{"source": "psirt@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndi-afw-rJuRC5dZ"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "psirt@cisco.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1(1k)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1(1l)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(1e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(1i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(1a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(1b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(2b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.0(1i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(2f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(2m)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1(1n)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.1(1g)"}}], "enrichment": {"confidence": 88.0, "confidence_source": "matching", "scores": [{"score": 88.0, "source": "matching"}]}, "original": {"product": "Cisco Nexus Dashboard", "source": "cna", "vendor": "Cisco"}, "product": "nexus_dashboard", "vendor": "cisco"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2.2.125"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2.2.126"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.0.1.150"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.0.1.154"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.1.0.131"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.1.0.135"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.0.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.1.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.1.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.1.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.2.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.2.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.3.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.1"}}], "enrichment": {"confidence": 91.0, "confidence_source": "matching", "scores": [{"score": 91.0, "source": "matching"}]}, "original": {"product": "Cisco Nexus Dashboard Insights", "source": "cna", "vendor": "Cisco"}, "product": "nexus_dashboard_insights", "vendor": "cisco"}], "analysis": {"en": {"generated_at": "2026-04-02T02:43:31.794824+00:00", "value": {"mitigation_remediation": ["Install the software update or patch for Cisco Nexus Dashboard Insights referenced in the Cisco security advisory.", "If a patch is not yet available, disable the manual metadata upload capability in device configuration to prevent file writes.", "Monitor device logs for any unauthorized metadata upload attempts and investigate promptly.", "Enforce strict access controls on administrative credentials, using least privilege and multi\u2011factor authentication to reduce the chance of credential compromise."], "summary": {"action": "Apply Patch", "impact": "Remote arbitrary file write with root privileges"}, "threat_synthesis": {"affected_systems": "Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights are the impacted products. The exact affected software versions are not listed in the advisory, but the flaw exists in any deployment that supports the metadata update feature, including both air\u2011gap and cloud\u2011connected environments.", "description_and_impact": "A Cisco Nexus Dashboard Insights vulnerability allows an authenticated, remote attacker who possesses valid administrative credentials to craft and upload a modified metadata file, leading to arbitrary file writes on the device\u2019s underlying operating system as the root user. This weakness falls under the file path traversal category and enables the attacker to modify system files, potentially compromising confidentiality, integrity, or availability of the affected system.", "risk_and_exploitability": "The CVSS score is 4.9, indicating moderate severity. EPSS information is not available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires authenticated remote access; an attacker would need legitimate administrative credentials. The likely attack vector is remote, authenticated file upload. Due to the requirement for credentials, the risk to systems with strong access controls is lower, but not negligible if administrative credentials are compromised."}}}}, "created": "2026-04-02T07:48:23.877593+00:00", "updated": "2026-04-03T08:58:27.587651+00:00", "vendors": ["cisco", "cisco$PRODUCT$nexus_dashboard", "cisco$PRODUCT$nexus_dashboard_insights"]}