TL;DR 📌

A medium severity vulnerability has been identified in Cisco NX-OS Software that could allow an authenticated, local attacker to access sensitive log information. No workarounds are available, and Cisco has released fixed software to address this issue.

What happened 🕵️‍♂️

A vulnerability in the logging feature of Cisco NX-OS Software affects several Cisco Nexus and UCS devices. This vulnerability arises from improper logging of sensitive information, which could allow an authenticated local attacker to access sensitive data, including stored credentials, by exploiting the log files on the device’s file system.