Cisco Network Functions Virtualization Infrastructure
By the Year
In 2024 there have been 0 vulnerabilities in Cisco Network Functions Virtualization Infrastructure . Network Functions Virtualization Infrastructure did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 4 | 6.55 |
It may take a day or so for new Network Functions Virtualization Infrastructure vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cisco Network Functions Virtualization Infrastructure Security Vulnerabilities
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could
CVE-2018-0459
6.5 - Medium
- October 05, 2018
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to cause an affected system to reboot or shut down. The vulnerability is due to insufficient server-side authorization checks. An attacker who is logged in to the web-based management interface as a low-privileged user could exploit this vulnerability by sending a crafted HTTP request. A successful exploit could allow the attacker to use the low-privileged user account to reboot or shut down the affected system.
AuthZ
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could
CVE-2018-0460
6.5 - Medium
- October 05, 2018
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read any file on an affected system. The vulnerability is due to insufficient authorization and parameter validation checks. An attacker could exploit this vulnerability by sending a malicious API request with the authentication credentials of a low-privileged user. A successful exploit could allow the attacker to read any file on the affected system.
AuthZ
A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could
CVE-2018-0323
6.5 - Medium
- May 17, 2018
A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. The vulnerability is due to insufficient validation of web request parameters. An attacker who has access to the web management interface of the affected application could exploit this vulnerability by sending a malicious web request to the affected device. A successful exploit could allow the attacker to access sensitive information on the affected system. Cisco Bug IDs: CSCvh99631.
Directory traversal
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could
CVE-2018-0324
6.7 - Medium
- May 17, 2018
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI parser. An attacker could exploit this vulnerability by invoking a vulnerable CLI command with crafted malicious parameters. An exploit could allow the attacker to execute arbitrary commands with a non-root user account on the underlying Linux operating system of the affected device. Cisco Bug IDs: CSCvi09723.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cisco Network Functions Virtualization Infrastructure or by Cisco? Click the Watch button to subscribe.
