Cisco Nexus Dashboard vulnerabilities

CVE-2022-20861 [HIGH] CWE-306 CVE-2022-20861: Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2022-20860 [HIGH] CWE-295 CVE-2022-20860: A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticate A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not validated when Cisco Nexus Dashboard is establishing a connection to Cisco Applicatio