Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco enterprise network function virtualization infrastructure vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-3478
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforceme...
Cisco Enterprise Network Function Virtualization Infrastructure
6.7
CVSSv3
CVE-2020-3138
A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to install a malicious file when upgrading. The vulnerability is due to insufficient signature validation. An attacker could exploit...
Cisco Enterprise Network Function Virtualization Infrastructure
1 Article
6.5
CVSSv3
CVE-2020-3365
A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to perform a directory traversal attack on a limited set of restricted directories. The vulnerability is due to a flaw in the l...
Cisco Enterprise Network Function Virtualization Infrastructure
9.8
CVSSv3
CVE-2019-1971
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote malicious user to perform a command injection attack and execute arbitrary commands with root privileges. The vulnerability is due to insufficient inpu...
Cisco Enterprise Network Function Virtualization Infrastructure
6.7
CVSSv3
CVE-2019-1972
A vulnerability the Cisco Enterprise NFV Infrastructure Software (NFVIS) restricted CLI could allow an authenticated, local attacker with valid administrator-level credentials to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vul...
Cisco Enterprise Network Function Virtualization Infrastructure
6.5
CVSSv3
CVE-2019-1984
A vulnerability in Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite files on the underlying operating system (OS) of an affected device. The vulnerability is ...
Cisco Enterprise Network Function Virtualization Infrastructure Sofware
6.5
CVSSv3
CVE-2019-1946
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote malicious user to bypass authentication and get limited access to the web-based management interface. The vulnerability is due to a...
Cisco Enterprise Network Function Virtualization Infrastructure
6.7
CVSSv3
CVE-2020-3236
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacker would need valid administrative c...
Cisco Enterprise Network Function Virtualization Infrastructure
6.5
CVSSv3
CVE-2019-1953
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to view a password in clear text. The vulnerability is due to incorrectly logging the admin password when a user is forced to modify the d...
Cisco Enterprise Network Function Virtualization Infrastructure
4.4
CVSSv3
CVE-2019-1959
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these vulnerabilities, see the Det...
Cisco Enterprise Network Function Virtualization Infrastructure
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »