CVE-2018-0323

CVE-2018-0323

Vendor N/A
Product Cisco Enterprise NFV Infrastructure Software
Weakness CWE-22 · Path traversal
Published May 17, 2018
Last update November 29, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. The vulnerability is due to insufficient validation of web request parameters. An attacker who has access to the web management interface of the affected application could exploit this vulnerability by sending a malicious web request to the affected device. A successful exploit could allow the attacker to access sensitive information on the affected system. Cisco Bug IDs: CSCvh99631.

Key dates

02Disclosure timeline

May 17, 2018 CVE published
November 29, 2024 Record updated