{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20042", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2025-10-08T11:59:15.354Z", "datePublished": "2026-04-01T16:27:49.948Z", "dateUpdated": "2026-04-02T03:56:08.575Z"}, "containers": {"cna": {"title": "Cisco Nexus Dashboard Configuration REST API Unauthorized Access Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information.\r\n\r\nThis vulnerability exists because authentication details are included in the encrypted backup files. An attacker with a valid backup file and encryption password from an affected device could decrypt the backup file. The attacker could then use the authentication details in the backup file to access internal-only APIs on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-cbid-5YqkOSHu", "name": "cisco-sa-nd-cbid-5YqkOSHu"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-nd-cbid-5YqkOSHu", "discovery": "INTERNAL", "defects": ["CSCwq66302"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Certificate Validation", "type": "cwe", "cweId": "CWE-295"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Nexus Dashboard", "versions": [{"version": "1.1(3e)", "status": "affected"}, {"version": "1.1(3c)", "status": "affected"}, {"version": "1.1(3d)", "status": "affected"}, {"version": "1.1(0d)", "status": "affected"}, {"version": "1.1(2i)", "status": "affected"}, {"version": "2.0(1b)", "status": "affected"}, {"version": "1.1(2h)", "status": "affected"}, {"version": "1.1(0c)", "status": "affected"}, {"version": "1.1(3f)", "status": "affected"}, {"version": "2.1(1d)", "status": "affected"}, {"version": "2.1(1e)", "status": "affected"}, {"version": "2.0(2g)", "status": "affected"}, {"version": "2.0(2h)", "status": "affected"}, {"version": "2.1(2d)", "status": "affected"}, {"version": "2.0(1d)", "status": "affected"}, {"version": "2.2(1h)", "status": "affected"}, {"version": "2.2(1e)", "status": "affected"}, {"version": "2.2(2d)", "status": "affected"}, {"version": "2.1(2f)", "status": "affected"}, {"version": "2.3(1c)", "status": "affected"}, {"version": "2.3(2b)", "status": "affected"}, {"version": "2.3(2c)", "status": "affected"}, {"version": "2.3(2d)", "status": "affected"}, {"version": "2.3(2e)", "status": "affected"}, {"version": "3.0(1f)", "status": "affected"}, {"version": "3.0(1i)", "status": "affected"}, {"version": "3.1(1k)", "status": "affected"}, {"version": "3.1(1l)", "status": "affected"}, {"version": "3.2(1e)", "status": "affected"}, {"version": "3.2(1i)", "status": "affected"}, {"version": "3.3(1a)", "status": "affected"}, {"version": "3.3(1b)", "status": "affected"}, {"version": "3.3(2b)", "status": "affected"}, {"version": "4.0(1i)", "status": "affected"}, {"version": "3.3(2g)", "status": "affected"}, {"version": "3.2(2f)", "status": "affected"}, {"version": "3.2(2g)", "status": "affected"}, {"version": "3.2(2m)", "status": "affected"}, {"version": "3.1(1n)", "status": "affected"}, {"version": "4.1(1g)", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-01T16:27:49.948Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-20042"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T03:56:08.575Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20042", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-01T18:12:44.478416Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:12:46.925Z"}}], "cna": {"title": "Cisco Nexus Dashboard Configuration REST API Unauthorized Access Vulnerability", "source": {"defects": ["CSCwq66302"], "advisory": "cisco-sa-nd-cbid-5YqkOSHu", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Nexus Dashboard", "versions": [{"status": "affected", "version": "1.1(3e)"}, {"status": "affected", "version": "1.1(3c)"}, {"status": "affected", "version": "1.1(3d)"}, {"status": "affected", "version": "1.1(0d)"}, {"status": "affected", "version": "1.1(2i)"}, {"status": "affected", "version": "2.0(1b)"}, {"status": "affected", "version": "1.1(2h)"}, {"status": "affected", "version": "1.1(0c)"}, {"status": "affected", "version": "1.1(3f)"}, {"status": "affected", "version": "2.1(1d)"}, {"status": "affected", "version": "2.1(1e)"}, {"status": "affected", "version": "2.0(2g)"}, {"status": "affected", "version": "2.0(2h)"}, {"status": "affected", "version": "2.1(2d)"}, {"status": "affected", "version": "2.0(1d)"}, {"status": "affected", "version": "2.2(1h)"}, {"status": "affected", "version": "2.2(1e)"}, {"status": "affected", "version": "2.2(2d)"}, {"status": "affected", "version": "2.1(2f)"}, {"status": "affected", "version": "2.3(1c)"}, {"status": "affected", "version": "2.3(2b)"}, {"status": "affected", "version": "2.3(2c)"}, {"status": "affected", "version": "2.3(2d)"}, {"status": "affected", "version": "2.3(2e)"}, {"status": "affected", "version": "3.0(1f)"}, {"status": "affected", "version": "3.0(1i)"}, {"status": "affected", "version": "3.1(1k)"}, {"status": "affected", "version": "3.1(1l)"}, {"status": "affected", "version": "3.2(1e)"}, {"status": "affected", "version": "3.2(1i)"}, {"status": "affected", "version": "3.3(1a)"}, {"status": "affected", "version": "3.3(1b)"}, {"status": "affected", "version": "3.3(2b)"}, {"status": "affected", "version": "4.0(1i)"}, {"status": "affected", "version": "3.3(2g)"}, {"status": "affected", "version": "3.2(2f)"}, {"status": "affected", "version": "3.2(2g)"}, {"status": "affected", "version": "3.2(2m)"}, {"status": "affected", "version": "3.1(1n)"}, {"status": "affected", "version": "4.1(1g)"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-cbid-5YqkOSHu", "name": "cisco-sa-nd-cbid-5YqkOSHu"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information.\r\n\r\nThis vulnerability exists because authentication details are included in the encrypted backup files. An attacker with a valid backup file and encryption password from an affected device could decrypt the backup file. The attacker could then use the authentication details in the backup file to access internal-only APIs on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-295", "description": "Improper Certificate Validation"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-01T16:27:49.948Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20042", "state": "PUBLISHED", "dateUpdated": "2026-04-02T03:56:08.575Z", "dateReserved": "2025-10-08T11:59:15.354Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2026-04-01T16:27:49.948Z", "assignerShortName": "cisco"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information.\r\n\r\nThis vulnerability exists because authentication details are included in the encrypted backup files. An attacker with a valid backup file and encryption password from an affected device could decrypt the backup file. The attacker could then use the authentication details in the backup file to access internal-only APIs on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user."}], "id": "CVE-2026-20042", "lastModified": "2026-04-03T16:11:11.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.2, "source": "psirt@cisco.com", "type": "Primary"}]}, "published": "2026-04-01T17:28:26.173", "references": [{"source": "psirt@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-cbid-5YqkOSHu"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "psirt@cisco.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(3e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(3c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(3d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(0d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(2i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0(1b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(2h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(0c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(3f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1(1d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1(1e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0(2h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1(2d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0(1d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2(1h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2(1e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2(2d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1(2f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(1c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(2b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(2c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(2d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(2e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0(1f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0(1i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1(1k)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1(1l)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(1e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(1i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(1a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(1b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(2b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.0(1i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(2f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(2m)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1(1n)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.1(1g)"}}], "enrichment": {"confidence": 88.0, "confidence_source": "matching", "scores": [{"score": 88.0, "source": "matching"}]}, "original": {"product": "Cisco Nexus Dashboard", "source": "cna", "vendor": "Cisco"}, "product": "nexus_dashboard", "vendor": "cisco"}], "analysis": {"en": {"generated_at": "2026-04-02T02:46:54.883220+00:00", "value": {"mitigation_remediation": ["Verify all backup files for embedded authentication credentials and remove them if possible.", "Control access to backup files and encryption passwords so that only trusted administrators can retrieve them.", "Implement firewall rules or network segmentation to restrict access to internal-only APIs from untrusted hosts.", "Apply any Cisco patches or updates that remove the vulnerability once available.", "Monitor system logs for unusual API activity or command execution events."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Cisco Nexus Dashboard is affected by this flaw. No specific version information is supplied, so all installations of the product should be considered potentially vulnerable.", "description_and_impact": "The vulnerability allows an attacker who has both the encryption password and access to backup files to decrypt the configuration backup. Once decrypted, the attacker can extract authentication credentials stored in the backup file, use them to access internal-only APIs, and ultimately execute arbitrary commands as the root user of the device.", "risk_and_exploitability": "The vulnerability has a CVSS score of 6.5, indicating a medium to high severity. The EPSS score is not available, and it is not listed in the CISA KEV catalog. An attacker must obtain the encryption password and a valid backup file, then use those credentials to decrypt the backup and perform the malicious actions. Exploitation likely requires either local access to backups or the ability to obtain the backup files through other means. The attack vector appears to be indirect, relying on compromised backup file access rather than a direct remote service attack."}}}}, "created": "2026-04-02T07:48:49.306390+00:00", "updated": "2026-04-03T08:58:37.037886+00:00", "vendors": ["cisco", "cisco$PRODUCT$nexus_dashboard"]}