Published: 15/08/2018 Updated: 31/08/2020

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Subscribe to Application Policy Infrastructure Controller Enterprise Module

A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote malicious user to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious packet. A successful exploit could allow the malicious user to execute arbitrary commands with root privileges. Cisco Bug IDs: CSCvi42263.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco application policy infrastructure controller enterprise module dnac1.1

A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to perform a command injection attack The vulnerability is due to incorrect input validation of user-supplied data An attacker could exploit this vulnerability by sending a malicious packet A successful ex ...

CWE-78 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-dna-injection http://www.securityfocus.com/bid/105106 https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-dna-injection

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-0427

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect