CVE-2026-20174
Received Received - Intake
Arbitrary File Write in Cisco Nexus Dashboard Insights Metadata Update

Publication date: 2026-04-01

Last updated on: 2026-04-01

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this vulnerability by crafting a metadata update file and manually uploading it to an affected device. A successful exploit could allow the attacker to write arbitrary files to the underlying operating system as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials. Note: Manual uploading of metadata files is typical for Air-Gap environments but not for Cisco Intersight Cloud connected devices. However, the manual upload option exists for both deployments.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-01
Last Modified
2026-04-01
Generated
2026-06-16
AI Q&A
2026-04-01
EPSS Evaluated
2026-06-15
NVD
CVE-2026-20174
EUVD
EUVD-2026-17957
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
cisco nexus_dashboard_insights *
cisco nexus_dashboard_insights From 6.5 (inc)
cisco nexus_dashboard_insights 3.1(1k)
cisco nexus_dashboard_insights 3.1
cisco nexus_dashboard_insights 3.2
cisco nexus_dashboard_insights 4.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-20174 is a medium-severity vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights. It occurs because the system does not properly validate the metadata update file. An authenticated remote attacker with administrative credentials can craft and manually upload a malicious metadata update file.

If successfully exploited, this vulnerability allows the attacker to write arbitrary files to the underlying operating system with root privileges.

This issue affects all configurations of Cisco Nexus Dashboard Insights, including both air-gapped and Cisco Intersight Cloud connected deployments, since both support manual metadata file uploads.

Impact Analysis

This vulnerability can impact you by allowing an attacker with valid administrative credentials to write arbitrary files to your system with root-level access.

Such unauthorized file writes can compromise the integrity of your system, potentially leading to unauthorized changes, system manipulation, or further exploitation.

Although the vulnerability does not affect confidentiality or availability directly, the high integrity impact means your system's trustworthiness and correct operation could be severely affected.

Detection Guidance

This vulnerability involves the manual upload of crafted metadata update files by an authenticated user with administrative credentials. Detection would involve monitoring for unusual or unauthorized metadata file uploads to Cisco Nexus Dashboard Insights systems.

Since exploitation requires valid administrative credentials and manual upload of metadata files, commands or logs related to metadata update file uploads should be reviewed.

Specific commands are not provided in the available resources, but administrators should check system logs for metadata update file upload activities and verify the integrity of uploaded files.

Mitigation Strategies

Cisco strongly recommends upgrading to fixed software releases to remediate this vulnerability.

  • Upgrade Cisco Nexus Dashboard Insights to versions later than 6.5 or to unified Cisco Nexus Dashboard software starting from release 3.1(1k).
  • Migrate Nexus Dashboard releases 3.1, 3.2, and 4.1 to fixed releases, as these are vulnerable.
  • Note that Nexus Dashboard release 4.2 is not vulnerable.

Verify hardware and software compatibility before upgrading and obtain fixed software through authorized channels or Cisco TAC if necessary.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20174. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart