The vulnerability of Cisco Enterprise NFV Infrastructure Software (NFVIS) relates to incorrect path name restrictions for access-limited directories, allowing a perpetrator to re-record arbitrary files in the operating system of the vulnerable device.

The vulnerability of Cisco Enterprise NFV Infrastructure Software NFVIS is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to re-record any files in the operating system of the vulnerable device remotely...

PT-2019-3147 · Cisco · Cisco Enterprise Nfv Infrastructure

Name of the Vulnerable Software and Affected Versions: Cisco Enterprise NFV Infrastructure Software NFVIS affected versions not specified Description: A vulnerability in the web portal framework could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a...

CVE-2018-0323

A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. The vulnerability is due to insufficient validation of web request parameters. An attacker w...