Vulnerabilities > Cisco > Network Functions Virtualization Infrastructure > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-05	CVE-2018-0460	Incorrect Authorization vulnerability in Cisco Network Functions Virtualization Infrastructure A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read any file on an affected system. network low complexity cisco CWE-863	6.5
2018-10-05	CVE-2018-0459	Incorrect Authorization vulnerability in Cisco Network Functions Virtualization Infrastructure A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to cause an affected system to reboot or shut down. network low complexity cisco CWE-863	6.5
2018-05-17	CVE-2018-0324	OS Command Injection vulnerability in Cisco Network Functions Virtualization Infrastructure 3.6.1/3.6.2/3.7.1 A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. local low complexity cisco CWE-78	6.7
2018-05-17	CVE-2018-0323	Path Traversal vulnerability in Cisco Network Functions Virtualization Infrastructure 3.6.1/3.7.1 A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. network low complexity cisco CWE-22	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.