VYPR

NDFC

by Cisco Systems, Inc.

CVEs (3)

  • CVE-2024-20477Oct 2, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the affected REST API endpoint.…

  • CVE-2024-20441Oct 2, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. This vulnerability is due to insufficient authorization controls on the affected REST API…

  • CVE-2024-20438Oct 2, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker…