CVE-2018-0279
Description
A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of command arguments. An attacker could exploit this vulnerability by using crafted arguments when opening a connection to the affected device. An exploit could allow the attacker to gain shell access with a non-root user account to the underlying Linux operating system on the affected device. Due to the system design, access to the Linux shell could allow execution of additional attacks that may have a significant impact on the affected system. This vulnerability affects Cisco devices that are running release 3.7.1, 3.6.3, or earlier releases of Cisco Enterprise NFV Infrastructure Software (NFVIS) when access to the SCP server is allowed on the affected device. Cisco NFVIS Releases 3.5.x and 3.6.x do allow access to the SCP server by default, while Cisco NFVIS Release 3.7.1 does not. Cisco Bug IDs: CSCvh25026.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cisco NFVIS SCP server input validation flaw allows authenticated remote attackers to gain Linux shell access, affecting releases 3.7.1, 3.6.3, and earlier.
Vulnerability
The vulnerability resides in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS). Improper input validation of command arguments allows an authenticated remote attacker to inject commands and access the underlying Linux shell. Affected versions include Cisco NFVIS releases 3.7.1, 3.6.3, and earlier. Releases 3.5.x and 3.6.x have SCP access enabled by default; release 3.7.1 does not enable SCP by default but is still vulnerable if SCP is enabled. [1]
Exploitation
An attacker must have valid credentials to authenticate to the SCP server. The attacker then sends crafted arguments when opening an SCP connection to the device. This triggers the improper input validation, allowing command injection that results in shell access. No user interaction beyond authentication is required. [1]
Impact
Successful exploitation grants the attacker shell access to the underlying Linux operating system with a non-root user account. While not root, the attacker can leverage this access to execute further attacks that could significantly impact the system, potentially leading to full compromise. [1]
Mitigation
Cisco has released free software updates to address this vulnerability. Customers should upgrade to a fixed release as specified in the Cisco Security Advisory. For NFVIS releases 3.5.x and 3.6.x, upgrading to a patched version is recommended; for 3.7.1, upgrading to a later fixed release is necessary. No workarounds are mentioned; disabling SCP access if not required may reduce risk. [1]
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: <=3.7.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/104243mitrevdb-entryx_refsource_BID
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-nfvismitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.