Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco enterprise nfv infrastructure software vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2018-0324
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local malicious user to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI...
Cisco Network Functions Virtualization Infrastructure 3.6.1
Cisco Network Functions Virtualization Infrastructure 3.7.1
Cisco Network Functions Virtualization Infrastructure 3.6.2
605
VMScore
CVE-2018-15402
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote malicious user to conduct cross-site request forgery (CSRF) attacks. The vulnerability is due to improper validation of Origin headers on HTTP requests within the manage...
Cisco Enterprise Network Virtualization Software Nfvis-8.0
Cisco Enterprise Network Virtualization Software Nfvis-9.0
605
VMScore
CVE-2018-0462
A vulnerability in the user management functionality of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to perform a denial of service (DoS) attack against an affected system. The vulnerability is due to insufficient valida...
Cisco Enterprise Network Virtualization Software Nfvis-6.0
Cisco Enterprise Network Virtualization Software Nfvis-8.0
668
VMScore
CVE-2019-1895
A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote malicious user to access the VNC console session of an administrative user on an affected device. The vulne...
Cisco Enterprise Network Function Virtualization Infrastructure
490
VMScore
CVE-2020-3478
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforceme...
Cisco Enterprise Network Function Virtualization Infrastructure
NA
CVE-2022-20929
A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local malicious user to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature ...
Cisco Enterprise Nfv Infrastructure Software
1 Article
312
VMScore
CVE-2021-1127
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability...
Cisco Enterprise Nfv Infrastructure Software
641
VMScore
CVE-2020-3138
A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to install a malicious file when upgrading. The vulnerability is due to insufficient signature validation. An attacker could exploit...
Cisco Enterprise Network Function Virtualization Infrastructure
1 Article
356
VMScore
CVE-2020-3365
A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to perform a directory traversal attack on a limited set of restricted directories. The vulnerability is due to a flaw in the l...
Cisco Enterprise Network Function Virtualization Infrastructure
641
VMScore
CVE-2019-1972
A vulnerability the Cisco Enterprise NFV Infrastructure Software (NFVIS) restricted CLI could allow an authenticated, local attacker with valid administrator-level credentials to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vul...
Cisco Enterprise Network Function Virtualization Infrastructure
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »