Cisco

Enterprise Nfv Infrastructure Software

14 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2025-32433

Warning Media report Exploit
  • EPSS 68.02%
  • Published 16.04.2025 21:34:37
  • Last modified 30.07.2025 19:24:19

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in S...

8.8

CVE-2022-20655

  • EPSS 0.54%
  • Published 15.11.2024 16:15:20
  • Last modified 18.11.2024 17:11:56

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an a...

7.8

CVE-2022-20929

  • EPSS 0.04%
  • Published 10.03.2023 21:15:10
  • Last modified 21.11.2024 06:43:50

A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficien...

9.9

CVE-2022-20777

Exploit
  • EPSS 13.77%
  • Published 04.05.2022 17:15:08
  • Last modified 21.11.2024 06:43:32

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the h...

9.3

CVE-2022-20779

Exploit
  • EPSS 2.34%
  • Published 04.05.2022 17:15:08
  • Last modified 21.11.2024 06:43:32

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the h...

7.4

CVE-2022-20780

Exploit
  • EPSS 2.36%
  • Published 04.05.2022 17:15:08
  • Last modified 21.11.2024 06:43:32

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the h...

9.8

CVE-2021-34746

Exploit
  • EPSS 3.62%
  • Published 02.09.2021 03:15:06
  • Last modified 21.11.2024 06:11:06

A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected devic...

7.8

CVE-2021-1421

  • EPSS 0.1%
  • Published 06.05.2021 13:15:10
  • Last modified 21.11.2024 05:44:19

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device. The vulnerability is due to insufficient validation of user-supplied inp...

5.4

CVE-2021-1127

  • EPSS 0.19%
  • Published 13.01.2021 22:15:14
  • Last modified 21.11.2024 05:43:38

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management inte...

10

CVE-2020-3470

  • EPSS 3.2%
  • Published 18.11.2020 19:15:12
  • Last modified 21.11.2024 05:31:08

Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for ...