Lucene search
K
CiscoNetwork Functions Virtualization Infrastructure

4 matches found

CVE
CVE
added 2018/05/17 3:0 a.m.59 views

CVE-2018-0324

Summary: CVE-2018-0324 is a local command-injection vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) CLI due to insufficient input validation in the CLI parser. An authenticated, high-privilege, local attacker could trigger a vulnerable CLI command with crafted parameters to ...

6.7CVSS7AI score0.00684EPSS
CVE
CVE
added 2018/05/17 3:0 a.m.58 views

CVE-2018-0323

CVE-2018-0323 affects Cisco Enterprise NFV Infrastructure Software (NFVIS) Web Management Interface. The vulnerability arises from insufficient validation of web request parameters, enabling an authenticated, remote attacker to perform a path traversal attack and potentially access sensitive info...

6.5CVSS6.3AI score0.01907EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.49 views

CVE-2018-0460

CVE-2018-0460 affects Cisco Enterprise NFV Infrastructure Software (NFVIS) REST API. The vulnerability arises from insufficient authorization and parameter validation, enabling an authenticated, remote attacker to read arbitrary files on an affected system. Exploitation requires the attacker to u...

6.8CVSS6.5AI score0.01895EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.45 views

CVE-2018-0459

CVE-2018-0459 concerns Cisco Enterprise NFV Infrastructure Software (NFVIS) where the web‑based management interface has insufficient server‑side authorization checks. An authenticated, low‑privileged user can send a crafted HTTP request and potentially reboot or shut down the affected system, im...

6.8CVSS6.4AI score0.01789EPSS