Vulnerabilities > Cisco > Enterprise Network Function Virtualization Infrastructure > 4.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-04 | CVE-2020-3478 | Improper Input Validation vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. | 8.1 |
2020-09-04 | CVE-2020-3365 | Path Traversal vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. | 6.5 |