2 matches found
CVE-2018-15402
A vulnerability in Cisco Enterprise NFV Infrastructure Software NFVIS could allow an unauthenticated, remote attacker to conduct cross-site request forgery CSRF attacks. The vulnerability is due to improper validation of Origin headers on HTTP requests within the management interface. An attacker...
CVE-2018-15402
Cisco Enterprise NFV Infrastructure Software (NFVIS) contains a CSRF vulnerability (CVE-2018-15402) arising from improper Origin header validation in the management HTTP interface. An unauthenticated, remote attacker can lure a user to a malicious page to perform actions with the user’s privilege...