CVE-2018-0393

CVE-2018-0393

Vendor N/A

Product Cisco Policy Suite unknown

Weakness CWE-285

Published July 18, 2018

Last update November 29, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the Policy Builder interface and modifying an HTTP request. A successful exploit could allow the attacker to make changes to existing policies. Cisco Bug IDs: CSCvi35007.

Key dates

02Disclosure timeline

July 18, 2018 CVE published

November 29, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-0393

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE