Vulnerabilities > Cisco > Network Functions Virtualization Infrastructure > 3.6.1

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-17	CVE-2018-0324	OS Command Injection vulnerability in Cisco Network Functions Virtualization Infrastructure 3.6.1/3.6.2/3.7.1 A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. local low complexity cisco CWE-78	4.6
2018-05-17	CVE-2018-0323	Path Traversal vulnerability in Cisco Network Functions Virtualization Infrastructure 3.6.1/3.7.1 A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. network low complexity cisco CWE-22	4.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.