Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco enterprise nfv infrastructure software vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2021-1421
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to perform a command injection attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to a configuration co...
Cisco Enterprise Nfv Infrastructure Software
7.2
CVSSv2
CVE-2020-3236
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacker would need valid administrative c...
Cisco Enterprise Network Function Virtualization Infrastructure
7.2
CVSSv2
CVE-2020-3138
A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to install a malicious file when upgrading. The vulnerability is due to insufficient signature validation. An attacker could exploit...
Cisco Enterprise Network Function Virtualization Infrastructure
1 Article
7.2
CVSSv2
CVE-2019-1972
A vulnerability the Cisco Enterprise NFV Infrastructure Software (NFVIS) restricted CLI could allow an authenticated, local attacker with valid administrator-level credentials to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vul...
Cisco Enterprise Network Function Virtualization Infrastructure
7.2
CVSSv2
CVE-2019-1893
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to execute arbitrary commands on the underlying operating system (OS) of an affected device as root. The vulnerability is due to insufficient input validatio...
Cisco Enterprise Nfv Infrastructure Software 3.9.1
7.1
CVSSv2
CVE-2020-25687
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated ...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
7.1
CVSSv2
CVE-2020-25683
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocat...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
6.8
CVSSv2
CVE-2019-1961
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to the improper input validation of tar pack...
Cisco Enterprise Network Function Virtualization Infrastructure
6.8
CVSSv2
CVE-2018-15402
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote malicious user to conduct cross-site request forgery (CSRF) attacks. The vulnerability is due to improper validation of Origin headers on HTTP requests within the manage...
Cisco Enterprise Network Virtualization Software Nfvis-8.0
Cisco Enterprise Network Virtualization Software Nfvis-9.0
6.8
CVSSv2
CVE-2018-0459
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to cause an affected system to reboot or shut down. The vulnerability is due to insufficient server-side authorization...
Cisco Network Functions Virtualization Infrastructure -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »