Vulnerabilities > Cisco > Network Functions Virtualization Infrastructure

DATE CVE VULNERABILITY TITLE RISK
2018-10-05 CVE-2018-0460 Incorrect Authorization vulnerability in Cisco Network Functions Virtualization Infrastructure
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read any file on an affected system.
network
low complexity
cisco CWE-863
6.5
2018-10-05 CVE-2018-0459 Incorrect Authorization vulnerability in Cisco Network Functions Virtualization Infrastructure
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to cause an affected system to reboot or shut down.
network
low complexity
cisco CWE-863
6.5
2018-05-17 CVE-2018-0324 OS Command Injection vulnerability in Cisco Network Functions Virtualization Infrastructure 3.6.1/3.6.2/3.7.1
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack.
local
low complexity
cisco CWE-78
6.7
2018-05-17 CVE-2018-0323 Path Traversal vulnerability in Cisco Network Functions Virtualization Infrastructure 3.6.1/3.7.1
A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system.
network
low complexity
cisco CWE-22
6.5