Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco enterprise nfv infrastructure software vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-25682
A flaw was found in dnsmasq prior to 2.83. A buffer overflow vulnerability exists in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
8.1
CVSSv3
CVE-2020-3478
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforceme...
Cisco Enterprise Network Function Virtualization Infrastructure
7.8
CVSSv3
CVE-2022-20929
A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local malicious user to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature ...
Cisco Enterprise Nfv Infrastructure Software
1 Article
7.8
CVSSv3
CVE-2021-1421
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to perform a command injection attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to a configuration co...
Cisco Enterprise Nfv Infrastructure Software
7.8
CVSSv3
CVE-2019-1893
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to execute arbitrary commands on the underlying operating system (OS) of an affected device as root. The vulnerability is due to insufficient input validatio...
Cisco Enterprise Nfv Infrastructure Software 3.9.1
7.4
CVSSv3
CVE-2022-20780
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an malicious user to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. For more ...
Cisco Enterprise Nfv Infrastructure Software
1 Article
7.2
CVSSv3
CVE-2019-1894
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite or read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to impr...
Cisco Enterprise Nfv Infrastructure Software 3.9.1
6.7
CVSSv3
CVE-2020-3236
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacker would need valid administrative c...
Cisco Enterprise Network Function Virtualization Infrastructure
6.7
CVSSv3
CVE-2020-3138
A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to install a malicious file when upgrading. The vulnerability is due to insufficient signature validation. An attacker could exploit...
Cisco Enterprise Network Function Virtualization Infrastructure
1 Article
6.7
CVSSv3
CVE-2019-1952
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to overwrite or read arbitrary files. The attacker would need valid administrator privilege-level credentials. This vulnerability is due to improp...
Cisco Enterprise Network Function Virtualization Infrastructure
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »