Cisco Nexus Dashboard Vulnerabilities: CVE-2022-20857, CVE-2022-20858 and CVE-2022-20861

Share :

On Wednesday, July 20, 2022, Cisco disclosed a critical severity vulnerability – CVE-2022-20857 – impacting Cisco Nexus Dashboard, an integrated dashboard used for visibility and provisioning data center and cloud network infrastructure. If successfully exploited, the vulnerability could allow an unauthenticated, remote threat actor to execute arbitrary commands as the root user in any pod on a node. The vulnerability lies in a specific unnamed API with insufficient access controls and can be exploited by sending specially crafted HTTP requests to the affected API. 

In addition to the critical severity vulnerability, Cisco disclosed two high severity vulnerabilities (CVE-2022-20861 and CVE-2022-20858), which could lead to cross-site request forgery and access to services, respectively. Successful exploitation does not rely on an attack chain leveraging each vulnerability; they are independent of one another. 

The reported vulnerabilities were discovered during internal security testing, and patches are available to remediate all three vulnerabilities. 

  • CVE-2022-20857 (CVSS score: 9.8| Critical) – Cisco Nexus Dashboard arbitrary command execution vulnerability 
  • CVE-2022-20858 (CVSS score: 8.2| High) – Cisco Nexus Dashboard container image read and write vulnerability 
  • CVE-2022-20861 (CVSS score: 8.8 |High) – Cisco Nexus Dashboard cross-site request forgery (CSRF) vulnerability 

Impacted Products 

Product  Affected Releases  Fixed Release 
Cisco Nexus Dashboard 
  • 1.1 
  • 2.0 
  • 2.1 
  • 2.2 


Recommendation for CVE-2022-20857, CVE-2022-20858 and CVE-2022-20861: Apply Cisco Nexus Dashboard Software Update  

Cisco released version 2.2, which remediates CVE-2022-20857, CVE-2022-20861, and CVE-2022-20858. Arctic Wolf recommends applying the latest relevant software update to impacted products to mitigate the three vulnerabilities. 

Cisco recommends that customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels. 

Cisco Support & Downloads: Support – Cisco Support and Downloads – Documentation, Tools, Cases  


Picture of Steven Campbell

Steven Campbell

Steven Campbell is a Senior Threat Intelligence Researcher at Arctic Wolf Labs and has more than eight years of experience in intelligence analysis and security research. He has a strong background in infrastructure analysis and adversary tradecraft.
Share :
Table of Contents
Subscribe to our Monthly Newsletter