2 matches found
CVE-2018-0462
CVE-2018-0462 concerns Cisco Enterprise NFV Infrastructure Software (NFVIS). The vulnerability arises in the user management functionality due to insufficient validation of user-provided input. An authenticated, highly privileged user can perform a sequence of user-management operations that inte...
CVE-2018-15402
Cisco Enterprise NFV Infrastructure Software (NFVIS) contains a CSRF vulnerability (CVE-2018-15402) arising from improper Origin header validation in the management HTTP interface. An unauthenticated, remote attacker can lure a user to a malicious page to perform actions with the user’s privilege...