9
CVSSv2

CVE-2018-0427

Published: 15/08/2018 Updated: 09/10/2019
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote malicious user to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious packet. A successful exploit could allow the malicious user to execute arbitrary commands with root privileges. Cisco Bug IDs: CSCvi42263.

Vulnerability Trend

Affected Products

Vendor Advisories

A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to perform a command injection attack The vulnerability is due to incorrect input validation of user-supplied data An attacker could exploit this vulnerability by sending a malicious packet A successful ex ...