QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-0323

Back to search

CVE-2018-0323

Published: May 17, 2018

Modified: Nov 29, 2024

PUBLISHED

Description

A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. The vulnerability is due to insufficient validation of web request parameters. An attacker who has access to the web management interface of the affected application could exploit this vulnerability by sending a malicious web request to the affected device. A successful exploit could allow the attacker to access sensitive information on the affected system. Cisco Bug IDs: CSCvh99631.

VendorProductVersions

n/a

Cisco Enterprise NFV Infrastructure Software

affected
Cisco Enterprise NFV Infrastructure Software

Weaknesses (CWE)

CWE-22

References

104206
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now