Cisco patches actively exploited zero-day flaw in Nexus switches

Cisco has released patches for several series of Nexus switches to fix a vulnerability that could allow attackers to hide the execution of bash commands on the underlying operating system.

Although the flaw is rated with moderate severity because it requires administrative credentials to exploit, it has been exploited in the wild since April, showing that attackers don’t target just critical or high-risk flaws.

Tracked as CVE-2024-20399, the flaw is caused by insufficient validation of arguments passed with configuration commands to the command line interface of NX-OS software that powers various series of Cisco switches: MDS 9000 Series Multilayer Switches, Nexus 3000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches and Nexus 9000 Series Switches in standalone NX-OS mode.

Source link

Cisco patches actively exploited zero-day flaw in Nexus switches

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)

Related Post

VMWARE

Configuration Templates