How severe is CVE-2024-20448?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2024-20448?

This is classified as CWE-313, which is a common weakness in software security.

CVE-2024-20448 - HIGH Severity | CVSS 8.6

Vulnerability Description

A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensitive information. This vulnerability is due to the improper storage of sensitive information within config only and full backup files. An attacker could exploit this vulnerability by parsing the contents of a backup file that is generated from an affected device. A successful exploit could allow the attacker to access sensitive information, including NDFC-connected device credentials, the NDFC site manager private key, and the scheduled backup file encryption key.

Related Vulnerabilities

CVE-2016-6538

HIGH

CVSS:8.8(High)

The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been re...

CWE-3132016

CVE-2016-6546

HIGH

CVSS:7.8(High)

The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cle...

CWE-3132016

CVE-2016-6547

HIGH

CVSS:7.8(High)

The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file.

CWE-3132016

CVE-2024-6785

MEDIUM

CVSS:7.1(High)

The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensiti...

CWE-3132024

CVE-2016-6538

HIGH

CVSS:8.8(High)

CWE-3132016

CVE-2016-6546

HIGH

CVSS:7.8(High)

CWE-3132016