Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco enterprise nfv infrastructure software vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2018-0324
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local malicious user to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI...
Cisco Network Functions Virtualization Infrastructure 3.6.1
Cisco Network Functions Virtualization Infrastructure 3.7.1
Cisco Network Functions Virtualization Infrastructure 3.6.2
8.8
CVSSv3
CVE-2018-15402
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote malicious user to conduct cross-site request forgery (CSRF) attacks. The vulnerability is due to improper validation of Origin headers on HTTP requests within the manage...
Cisco Enterprise Network Virtualization Software Nfvis-8.0
Cisco Enterprise Network Virtualization Software Nfvis-9.0
4.9
CVSSv3
CVE-2018-0462
A vulnerability in the user management functionality of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to perform a denial of service (DoS) attack against an affected system. The vulnerability is due to insufficient valida...
Cisco Enterprise Network Virtualization Software Nfvis-6.0
Cisco Enterprise Network Virtualization Software Nfvis-8.0
9.8
CVSSv3
CVE-2019-1895
A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote malicious user to access the VNC console session of an administrative user on an affected device. The vulne...
Cisco Enterprise Network Function Virtualization Infrastructure
8.1
CVSSv3
CVE-2020-3478
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforceme...
Cisco Enterprise Network Function Virtualization Infrastructure
7.8
CVSSv3
CVE-2022-20929
A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local malicious user to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature ...
Cisco Enterprise Nfv Infrastructure Software
1 Article
5.4
CVSSv3
CVE-2021-1127
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability...
Cisco Enterprise Nfv Infrastructure Software
6.7
CVSSv3
CVE-2020-3138
A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to install a malicious file when upgrading. The vulnerability is due to insufficient signature validation. An attacker could exploit...
Cisco Enterprise Network Function Virtualization Infrastructure
1 Article
6.5
CVSSv3
CVE-2020-3365
A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to perform a directory traversal attack on a limited set of restricted directories. The vulnerability is due to a flaw in the l...
Cisco Enterprise Network Function Virtualization Infrastructure
6.7
CVSSv3
CVE-2019-1972
A vulnerability the Cisco Enterprise NFV Infrastructure Software (NFVIS) restricted CLI could allow an authenticated, local attacker with valid administrator-level credentials to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vul...
Cisco Enterprise Network Function Virtualization Infrastructure
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »