Cisco Nexus Dashboard Orchestrator (NDO) SSL/TLS Certificate Validation Vulnerability

Key Information 1. Vulnerability Description: - Product: Cisco Nexus Dashboard Orchestrator (NDO) - Issue: SSL/TLS certificate validation vulnerability - Impact: May allow unauthorized remote attackers to intercept sensitive information from affected devices. 2. Exploitation: - Attack Method: Man-in-the-middle attack using forged certificates to impersonate affected devices. - Consequence: Successful exploitation may allow attackers to intercept sensitive information during communication. 3. Affected Products: - Product: Cisco Nexus Dashboard Orchestrator (NDO) - Versions: 4.1 and earlier - Note: Starting with Cisco Nexus Dashboard Release 3.1(1k), NDO is provided within the unified Cisco Nexus Dashboard release. 4. Remediation: - Software Update: Cisco has released software updates to fix this vulnerability. - Workarounds: No workarounds are available to address this vulnerability. 5. Affected Software Versions: - Affected Versions: 4.1 and earlier - Fixed Versions: 4.2(3o), 4.3 and earlier, 4.4(1.1009) 6. Source: - Reporter: Lukas Mergenthaler of Netcloud AG 7. Links: - Details: Cisco Security Advisory Summary Product: Cisco Nexus Dashboard Orchestrator (NDO) Vulnerability Type: SSL/TLS certificate validation vulnerability Affected Versions: 4.1 and earlier Remediation: Software updates have been released Affected Software: Cisco Nexus Dashboard Orchestrator (NDO) 4.1 and earlier

Goal Reached Thanks to every supporter — we hit 100%!

Cisco Nexus Dashboard Orchestrator (NDO) SSL/TLS Certificate Validation Vulnerability