Cisco

Enterprise Nfv Infrastructure Software

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-20929

  • EPSS 0.09%
  • Veröffentlicht 10.03.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 06:43:50

A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficien...

7.4

CVE-2022-20780

Exploit
  • EPSS 0.39%
  • Veröffentlicht 04.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:32

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the h...

9.3

CVE-2022-20779

Exploit
  • EPSS 0.52%
  • Veröffentlicht 04.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:32

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the h...

9.9

CVE-2022-20777

Exploit
  • EPSS 3.58%
  • Veröffentlicht 04.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:32

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the h...

9.8

CVE-2021-34746

Exploit
  • EPSS 7.62%
  • Veröffentlicht 02.09.2021 03:15:06
  • Zuletzt bearbeitet 21.11.2024 06:11:06

A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected devic...

7.8

CVE-2021-1421

  • EPSS 0.1%
  • Veröffentlicht 06.05.2021 13:15:10
  • Zuletzt bearbeitet 21.11.2024 05:44:19

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device. The vulnerability is due to insufficient validation of user-supplied inp...

5.4

CVE-2021-1127

  • EPSS 0.19%
  • Veröffentlicht 13.01.2021 22:15:14
  • Zuletzt bearbeitet 21.11.2024 05:43:38

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management inte...

10

CVE-2020-3470

  • EPSS 3.2%
  • Veröffentlicht 18.11.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:31:08

Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for ...

9

CVE-2019-1894

  • EPSS 1.89%
  • Veröffentlicht 06.07.2019 02:15:11
  • Zuletzt bearbeitet 21.11.2024 04:37:38

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite or read arbitrary files on the underlying operating system (OS) of an affected device. Th...

7.8

CVE-2019-1893

  • EPSS 0.14%
  • Veröffentlicht 06.07.2019 02:15:11
  • Zuletzt bearbeitet 21.11.2024 04:37:37

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device as root. The vulnerability is due to insu...