2 matches found
CVE-2018-0460
CVE-2018-0460 affects Cisco Enterprise NFV Infrastructure Software (NFVIS) REST API. The vulnerability arises from insufficient authorization and parameter validation, enabling an authenticated, remote attacker to read arbitrary files on an affected system. Exploitation requires the attacker to u...
CVE-2018-0459
CVE-2018-0459 concerns Cisco Enterprise NFV Infrastructure Software (NFVIS) where the web‑based management interface has insufficient server‑side authorization checks. An authenticated, low‑privileged user can send a crafted HTTP request and potentially reboot or shut down the affected system, im...