VYPR

Nfvis

by Cisco Systems, Inc.

CVEs (28)

  • CVE-2018-15402MedOct 17, 2018
    risk 0.35cvss 5.4epss 0.00

    A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks. The vulnerability is due to improper validation of Origin headers on HTTP requests within the management…

  • CVE-2019-1656MedJan 24, 2019
    risk 0.34cvss 5.3epss 0.00

    A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation in the…

  • CVE-2019-1961MedAug 8, 2019
    risk 0.32cvss 4.9epss 0.02

    A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to the improper input validation of tar packages…

  • CVE-2019-1973MedAug 8, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web portal framework of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to improper input…

  • CVE-2019-1960MedAug 8, 2019
    risk 0.29cvss 4.4epss 0.00

    Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these vulnerabilities, see the Details…

  • CVE-2019-1959MedAug 8, 2019
    risk 0.29cvss 4.4epss 0.00

    Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these vulnerabilities, see the Details…

  • CVE-2020-3365MedSep 4, 2020
    risk 0.28cvss 4.3epss 0.02

    A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. The vulnerability is due to a flaw in the logic…

  • CVE-2019-12623MedAug 21, 2019
    risk 0.28cvss 4.3epss 0.01

    A vulnerability in the web server functionality of Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform file enumeration on an affected system. The vulnerability is due to the web server…

Page 2 of 2