Vulnerability Details CVE-2018-0376
A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to access the Policy Builder interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by accessing the Policy Builder interface. A successful exploit could allow the attacker to make changes to existing repositories and create new repositories. Cisco Bug IDs: CSCvi35109.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.095
EPSS Ranking 92.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2018-0376
-
cpe:2.3:a:cisco:mobility_services_engine:18.0.0
-
cpe:2.3:a:cisco:policy_suite:-
-
cpe:2.3:a:cisco:policy_suite:10.0.0
-
cpe:2.3:a:cisco:policy_suite:10.1.0
-
cpe:2.3:a:cisco:policy_suite:11.0.0
-
cpe:2.3:a:cisco:policy_suite:11.1.0
-
cpe:2.3:a:cisco:policy_suite:12.0.0
-
cpe:2.3:a:cisco:policy_suite:18.0.0
-
cpe:2.3:a:cisco:policy_suite:18.1.0
-
cpe:2.3:a:cisco:policy_suite:9.0.0
-
cpe:2.3:a:cisco:policy_suite:9.1.0